urlscan.io logo urlscan.io
SecurityTrails logo

auth.savings.workingadvantage.com Open in urlscan Pro
104.18.39.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://crowdstrike.savings.workingadvantage.com/
Effective URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F...
Submission: On January 29 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 22 domains to perform 110 HTTP transactions. The main IP is 104.18.39.111, located in and belongs to CLOUDFLARENET, US. The main domain is auth.savings.workingadvantage.com. The Cisco Umbrella rank of the primary domain is 242054.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2023. Valid for: a year.
This is the only time auth.savings.workingadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.64.148.145 13335 (CLOUDFLAR...)
2 27 104.18.39.111 13335 (CLOUDFLAR...)
12 23.198.63.128 16625 (AKAMAI-AS)
2 151.101.129.229 54113 (FASTLY)
6 142.250.71.74 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
9 142.250.204.8 15169 (GOOGLE)
2 35.173.67.179 14618 (AMAZON-AES)
2 63.140.56.177 15224 (OMNITURE)
4 142.250.71.67 15169 (GOOGLE)
11 142.250.66.206 15169 (GOOGLE)
1 64.233.170.156 15169 (GOOGLE)
1 18.238.192.40 16509 (AMAZON-02)
1 13.224.181.71 16509 (AMAZON-02)
2 199.38.167.54 54312 (ROCKETFUEL)
2 2 172.217.167.102 15169 (GOOGLE)
1 2 142.250.204.2 15169 (GOOGLE)
1 2 103.43.90.179 29990 (ASN-APPNEX)
1 52.45.70.255 14618 (AMAZON-AES)
1 34.193.104.27 14618 (AMAZON-AES)
2 104.18.27.50 13335 (CLOUDFLAR...)
3 192.96.202.199 30633 (LEASEWEB-...)
11 172.64.150.236 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
1 63.140.38.112 14618 (AMAZON-AES)
3 151.101.30.208 54113 (FASTLY)
110 26
1    172.64.148.145 (United States)

ASN13335 (CLOUDFLARENET, US)
crowdstrike.savings.workingadvantage.com
27    104.18.39.111 (None, )

ASN13335 (CLOUDFLARENET, US)
crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
12    23.198.63.128 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-63-128.deploy.static.akamaitechnologies.com
assets.adobedtm.com
2    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    142.250.71.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net
maps.googleapis.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com
2    35.173.67.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-67-179.compute-1.amazonaws.com
dpm.demdex.net
2    63.140.56.177 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-56-177.data.adobedc.net
smetrics.workingadvantage.com
4    142.250.71.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net
fonts.gstatic.com
11    142.250.66.206 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net
www.google-analytics.com
1    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
stats.g.doubleclick.net
1    18.238.192.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-192-40.sfo53.r.cloudfront.net
live.rezync.com
1    13.224.181.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-71.syd1.r.cloudfront.net
cdn.boomtrain.com
2    199.38.167.54 (United States)

ASN54312 (ROCKETFUEL, US)
com-wag3.netmng.com
2    172.217.167.102 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f6.1e100.net
ad.doubleclick.net
2    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
adservice.google.com
adservice.google.com.au
2    103.43.90.179 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
1    52.45.70.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-70-255.compute-1.amazonaws.com
people.api.boomtrain.com
1    34.193.104.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-104-27.compute-1.amazonaws.com
events.api.boomtrain.com
2    104.18.27.50 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.mouseflow.com
3    192.96.202.199 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
n2.mouseflow.com
11    172.64.150.236 (United States)

ASN13335 (CLOUDFLARENET, US)
crowdstrike.savings.beneplace.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    63.140.38.112 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-112.data.adobedc.net
entertainmentbenefit.tt.omtrdc.net
3    151.101.30.208 (Sydney, Australia)

ASN54113 (FASTLY, US)
g3i.imgix.net
Apex Domain
Subdomains		 Transfer
30 workingadvantage.com
crowdstrike.savings.workingadvantage.com
smetrics.workingadvantage.com — Cisco Umbrella Rank: 187168
auth.savings.workingadvantage.com — Cisco Umbrella Rank: 242054
2 MB
12 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 460
343 KB
11 beneplace.com
crowdstrike.savings.beneplace.com
21 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
728 KB
6 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362
235 KB
5 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7068
n2.mouseflow.com — Cisco Umbrella Rank: 20697
116 KB
4 gstatic.com
fonts.gstatic.com
55 KB
3 imgix.net
g3i.imgix.net — Cisco Umbrella Rank: 131131
346 KB
3 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5754
people.api.boomtrain.com — Cisco Umbrella Rank: 6199
events.api.boomtrain.com — Cisco Umbrella Rank: 8976
31 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
ad.doubleclick.net — Cisco Umbrella Rank: 163
2 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 236
776 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
2 KB
2 netmng.com
com-wag3.netmng.com — Cisco Umbrella Rank: 133940
5 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
28 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
52 KB
1 omtrdc.net
entertainmentbenefit.tt.omtrdc.net — Cisco Umbrella Rank: 154643
949 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600
26 KB
1 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 147332
231 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 98
697 B
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645
6 KB
110 22
Domain Requested by
18 crowdstrike.savings.workingadvantage.com 2 redirects crowdstrike.savings.workingadvantage.com
12 assets.adobedtm.com crowdstrike.savings.workingadvantage.com
assets.adobedtm.com
auth.savings.workingadvantage.com
11 crowdstrike.savings.beneplace.com auth.savings.workingadvantage.com
11 www.google-analytics.com crowdstrike.savings.workingadvantage.com
www.googletagmanager.com
auth.savings.workingadvantage.com
10 auth.savings.workingadvantage.com 1 redirects crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
9 www.googletagmanager.com crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
6 maps.googleapis.com crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
4 fonts.gstatic.com crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
3 g3i.imgix.net
3 n2.mouseflow.com crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
2 bam.nr-data.net auth.savings.workingadvantage.com
2 cdn.mouseflow.com crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
2 secure.adnxs.com 1 redirects crowdstrike.savings.workingadvantage.com
2 ad.doubleclick.net 2 redirects
2 com-wag3.netmng.com crowdstrike.savings.workingadvantage.com
2 smetrics.workingadvantage.com assets.adobedtm.com
auth.savings.workingadvantage.com
2 dpm.demdex.net assets.adobedtm.com
auth.savings.workingadvantage.com
2 cdnjs.cloudflare.com crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
2 cdn.jsdelivr.net crowdstrike.savings.workingadvantage.com
auth.savings.workingadvantage.com
1 entertainmentbenefit.tt.omtrdc.net auth.savings.workingadvantage.com
1 js-agent.newrelic.com auth.savings.workingadvantage.com
1 events.api.boomtrain.com crowdstrike.savings.workingadvantage.com
1 people.api.boomtrain.com crowdstrike.savings.workingadvantage.com
1 adservice.google.com.au crowdstrike.savings.workingadvantage.com
1 adservice.google.com 1 redirects
1 cdn.boomtrain.com crowdstrike.savings.workingadvantage.com
1 live.rezync.com crowdstrike.savings.workingadvantage.com
1 stats.g.doubleclick.net crowdstrike.savings.workingadvantage.com
110 28

This site contains links to these domains. Also see Links.

Domain
crowdstrike.savings.beneplace.com
Subject Issuer Validity Valid
workingadvantage.com
Cloudflare Inc ECC CA-3		 2023-07-06 -
2024-07-04		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.workingadvantage.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-09 -
2024-08-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.rezync.com
Amazon RSA 2048 M02		 2023-10-25 -
2024-11-21		 a year crt.sh
*.boomtrain.com
Amazon RSA 2048 M02		 2024-01-10 -
2025-02-07		 a year crt.sh
*.netmng.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-02-04		 a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M03		 2023-09-16 -
2024-10-14		 a year crt.sh
cdn.mouseflow.com
Cloudflare Inc ECC CA-3		 2023-10-25 -
2024-10-23		 a year crt.sh
*.mouseflow.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-28 -
2024-09-27		 a year crt.sh
beneplace.com
Cloudflare Inc ECC CA-3		 2023-12-01 -
2024-11-30		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-22 -
2024-09-21		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Frame ID: 703BC27AD7D07ACC7A245B6AA374DBEE
Requests: 109 HTTP requests in this frame

Frame: https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 9667AC4608CAF55BD617A93AEEA8D645
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Crowdstrike Savings Marketplace

Page URL History Show full URLs

  1. http://crowdstrike.savings.workingadvantage.com/ HTTP 301
    https://crowdstrike.savings.workingadvantage.com/ Page URL
  2. https://auth.savings.workingadvantage.com/auth/authorize?subdomain=crowdstrike&response_type=code&client_id=9ezalirn45... HTTP 302
    https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

110
Requests

95 %
HTTPS

0 %
IPv6

22
Domains

28
Subdomains

26
IPs

4
Countries

3862 kB
Transfer

13692 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crowdstrike.savings.workingadvantage.com/ HTTP 301
    https://crowdstrike.savings.workingadvantage.com/ Page URL
  2. https://auth.savings.workingadvantage.com/auth/authorize?subdomain=crowdstrike&response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F HTTP 302
    https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://crowdstrike.savings.workingadvantage.com/ HTTP 301
  • https://crowdstrike.savings.workingadvantage.com/
Request Chain 29
  • https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 36
  • https://ad.doubleclick.net/ddm/activity/src=12084042;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.savings.workingadvantage.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706571081.9960885 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.savings.workingadvantage.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706571081.9960885 HTTP 302
  • https://adservice.google.com/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.savings.workingadvantage.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706571081.9960885;~oref=https://crowdstrike.savings.workingadvantage.com/ HTTP 302
  • https://adservice.google.com.au/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.savings.workingadvantage.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706571081.9960885;~oref=https://crowdstrike.savings.workingadvantage.com/
Request Chain 37
  • https://secure.adnxs.com/seg?add=32509374&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32509374%26t%3D2

110 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
crowdstrike.savings.workingadvantage.com/
Redirect Chain
  • http://crowdstrike.savings.workingadvantage.com/
  • https://crowdstrike.savings.workingadvantage.com/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b3cb38e26fb5d03f479f8c458de4a196783518bd4573ac1baa6c390e1d1981
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d54495b8f8a959-SYD
content-encoding
br
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 23:31:18 GMT
last-modified
Thu, 18 Jan 2024 11:47:09 GMT
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

CF-RAY
84d544951edf5593-SYD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 29 Jan 2024 23:31:18 GMT
Expires
Tue, 30 Jan 2024 00:31:18 GMT
Location
https://crowdstrike.savings.workingadvantage.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400
launch-a0e5cece2585.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/ 		652 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc83c7ec22a67fb4f4f9da76257b42c5329c0367f497ae5ffd532f4d065d3df2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:19 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:11 GMT
server
AkamaiNetStorage
etag
"e37f005cad3c18d25ff3743eeea3b5f2:1706566391.826699"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
158908
expires
Tue, 30 Jan 2024 00:31:19 GMT
new-relic-integration.js
crowdstrike.savings.workingadvantage.com/assets/new-relic/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc49c009b33e66a59f057cf4ada682b80d4401d919ddf0f8d3ef2bb0415f0b23
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:47:07 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"65a90fbb-ccde"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
cf-ray
84d5449b6e9ca959-SYD
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
Origin
https://crowdstrike.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 23:31:18 GMT
x-content-type-options
nosniff
content-encoding
br
age
26884789
x-jsd-version
4.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26099
x-served-by
cache-fra-eddf8230071-FRA, cache-bne12520-BNE
x-jsd-version-type
version
etag
W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
maps.googleapis.com/maps/api/ 		192 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=gme-entertainmentbenefits&libraries=places
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
e9abbbe4ec51b8c87498f8848bab87a7f6ce0de68b8baf84efe7f5a45f14a3ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65947
x-xss-protection
0
web-animations.min.js
cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/web-animations.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5198992
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13763
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-bad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsgu%2FzcRlb8Dep6Uq9FB7AEPpANeD5RezFD%2Bf6Bb4eO2bNSB5PGjwGQlnqHza4bZq4KdRiq%2FumemnJ2XR%2Fn%2BGDolXkoihRFroDNKKyhg3aUcD1t%2BvdDZ4uuOabOdDEImUM3Ldori"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d5449b693c79cf-SYD
expires
Sat, 18 Jan 2025 23:31:18 GMT
runtime.7a44192ec7795934.js
crowdstrike.savings.workingadvantage.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/runtime.7a44192ec7795934.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92598de2d31f86547a73877fbbe8a510a42895e1f0ba3a6ab14a83d5df07a0c8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
Origin
https://crowdstrike.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:19 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jan 2024 11:46:58 GMT
server
cloudflare
content-encoding
br
etag
W/"65a90fb2-cc9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com, https://crowdstrike.savings.workingadvantage.com
access-control-allow-credentials
true, true
cf-ray
84d5449b6e9da959-SYD
alt-svc
h3=":443"; ma=86400
polyfills.0f88da5fdbf95761.js
crowdstrike.savings.workingadvantage.com/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/polyfills.0f88da5fdbf95761.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f16c323557a318dd6604bab3ebe8dbd9d23bc318b55eec33b0b0a4502c0bd1
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
Origin
https://crowdstrike.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:19 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jan 2024 11:46:58 GMT
server
cloudflare
content-encoding
br
etag
W/"65a90fb2-234ab"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com, https://crowdstrike.savings.workingadvantage.com
access-control-allow-credentials
true, true
cf-ray
84d5449b6e9fa959-SYD
alt-svc
h3=":443"; ma=86400
scripts.b785e07ef29de485.js
crowdstrike.savings.workingadvantage.com/ 		166 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/scripts.b785e07ef29de485.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3e5cf9dbf7e7d8afbde8193602e353a531e05ea3ed89990432248a8c73ee18
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:46:58 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"65a90fb2-29710"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
cf-ray
84d544a25a3fa80d-SYD
alt-svc
h3=":443"; ma=86400
main.21d8066a1ba27670.js
crowdstrike.savings.workingadvantage.com/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/main.21d8066a1ba27670.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d159e233af5ec9cd87085dcb05d4212e0d28c5def84fb236bafb38a6c005518
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
Origin
https://crowdstrike.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jan 2024 11:46:58 GMT
server
cloudflare
content-encoding
br
etag
W/"65a90fb2-512710"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com, https://crowdstrike.savings.workingadvantage.com
access-control-allow-credentials
true, true
cf-ray
84d5449b6ea0a959-SYD
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		237 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QN8HWM
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a456bad5f1a8c6a94f441be5f0820eb5d6d393ccfc0e841df5096dc2241651b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80421
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 22:18:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 23:31:20 GMT
id
dpm.demdex.net/ 		185 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&d_coppa=true&ts=1706571079297
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.67.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-67-179.compute-1.amazonaws.com
Software
/
Resource Hash
abc3fc6553c6064c8aca78b2bb4a41b52fff089d624352d6deb7da083b2de43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-1-v053-06604e8c4.edge-va6.demdex.com 8 ms
pragma
no-cache
date
Mon, 29 Jan 2024 23:31:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
9ftLsBN7Sfw=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
186
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Tue, 30 Jan 2024 00:31:20 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Tue, 30 Jan 2024 00:31:20 GMT
id
smetrics.workingadvantage.com/ 		48 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.workingadvantage.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&mid=76184695164029330974126073447393978728&cl=157680000&d_coppa=true&ts=1706571079968
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.177 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-56-177.data.adobedc.net
Software
jag /
Resource Hash
0f753e5149f3ba265fb7aa3fca98fe2aec96558244945c19398bef94ed750570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
styles.470895e6035d0005.css
crowdstrike.savings.workingadvantage.com/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/styles.470895e6035d0005.css
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7678fff11f92c598d89035e7f1e5ae839902925df05059daa23901b914765975
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:46:58 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"65a90fb2-187ec"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cf-ray
84d544a25a40a80d-SYD
alt-svc
h3=":443"; ma=86400
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
Origin
https://crowdstrike.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 03:27:37 GMT
x-content-type-options
nosniff
age
331423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13980
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 03:27:37 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FD2X5ZMELR&l=dataLayer&cx=c
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1a568372258312f561f44652104c9d6728bcf8e537c66a2ebb449fcf6917f98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 23:31:20 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jan 2024 23:16:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
882
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jan 2024 01:16:39 GMT
collect
www.google-analytics.com/g/ 		0
189 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FD2X5ZMELR&gtm=45je41o0v9112553684z878847533&_p=1706571078953&gcd=11l1l1l1l1&dma=0&cid=1947758468.1706571081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706571081&sct=1&seg=0&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Beneplace%20Team%20Discounts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.userId=&up.data_stream_name=G-FD2X5ZMELR&up.site_name=Non%20Cruises&up.url_name=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&up.pb_site_name=crowdstrike&up.page_path=%2F&up.user_id_value=&up.zip_code=NaN&tfd=3116
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FD2X5ZMELR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=888629802&t=pageview&_s=1&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&ul=en-us&de=UTF-8&dt=Beneplace%20Team%20Discounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=200868566&gjid=1896170651&cid=1947758468.1706571081&tid=UA-2876877-9&_gid=1521305536.1706571081&_r=1&_slc=1&gtm=45He41o0n815QN8HWMv78847533&gcd=11l1l1l1l1&dma=0&z=1519796425
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1da6ad9dfce9466037ec92e1f7699158c9a9347c669333c724f5cf6f3a7c0634
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2876877-9&cid=1947758468.1706571081&jid=200868566&gjid=1896170651&_gid=1521305536.1706571081&_u=YADAAEAAAAAAACAAI~&z=572974257
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 29 Jan 2024 23:31:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2K753Z6D0L&cx=c&_slc=1
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
35e31a2cd7fbbafdbf76a463161dba6191e30669194f2dccc17027629bde1dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88053
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 23:31:21 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
info
crowdstrike.savings.workingadvantage.com/api/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/info
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ef31b4cb23119d8bb2c42c879de067b04fccc5b8cd21b21f3b83962dfea111
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-d84aab28e96a7b57----1706571081542
traceparent
00-c747d3d22b02b34c0b09d9b3587ac900-d84aab28e96a7b57-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6ImQ4NGFhYjI4ZTk2YTdiNTciLCJ0ciI6ImM3NDdkM2QyMmIwMmIzNGMwYjA5ZDliMzU4N2FjOTAwIiwidGkiOjE3MDY1NzEwODE1NDIsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ababdea80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:20 GMT
marketplace-styles.css
crowdstrike.savings.workingadvantage.com/api/crowdstrike/ 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/crowdstrike/marketplace-styles.css
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21dd0740a65950d73d1106d973989a6f925ce86332545bfa41c088b8fb01365
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-a8e212424ef4c6ef----1706571081543
traceparent
00-bb0c899cfabb45f0c84d16e4d17abd00-a8e212424ef4c6ef-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6ImE4ZTIxMjQyNGVmNGM2ZWYiLCJ0ciI6ImJiMGM4OTljZmFiYjQ1ZjBjODRkMTZlNGQxN2FiZDAwIiwidGkiOjE3MDY1NzEwODE1NDMsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:22 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"8083-HrfH2eh6wU6Kae6Oz8yYACp1RKM"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ababe2a80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:21 GMT
colors.css
crowdstrike.savings.workingadvantage.com/api/crowdstrike/ 		3 KB
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/crowdstrike/colors.css?scope=:root,app-logged-in,ngb-modal-window
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade8daaa7f25612d141c67b731c21865009ba6899b692b70843ec8b18d1a464f
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-9a711fbd13b2bde8----1706571081544
traceparent
00-9c82d94ea392ba8baa9b59a967760900-9a711fbd13b2bde8-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjlhNzExZmJkMTNiMmJkZTgiLCJ0ciI6IjljODJkOTRlYTM5MmJhOGJhYTliNTlhOTY3NzYwOTAwIiwidGkiOjE3MDY1NzEwODE1NDQsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:22 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"a61-kqcvvuM2nyOIk5CR0XozTBZ4pgs"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ababe3a80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:21 GMT
RCea9d317d3a374e44b3f0f8711e38765e-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/RCea9d317d3a374e44b3f0f8711e38765e-source.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8b78f6c2694ded95d29e65bb8299cd7817d76feaf57363c4eee7fc27faea9624

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:13 GMT
server
AkamaiNetStorage
etag
"90173797179737fc4da75b6ef78d798b:1706566393.859241"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
751
expires
Tue, 30 Jan 2024 00:31:21 GMT
main.js
crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 9667
Redirect Chain
  • https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H3
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0deba937d5b12867312311162621afc77c25339ee06c07a80beafb541dea784d
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84d544abdc07a80d-SYD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 Jan 2024 23:31:21 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control
max-age=300, public
cf-ray
84d544abcbf7a80d-SYD
alt-svc
h3=":443"; ma=86400
sync
live.rezync.com/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=5ef4f9c1e806678f2ab0275df01d5ff4&zmpID=ebg-wag3&cache_buster=1706571081566&k=ebg-wag3-pixel-0988
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.192.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-192-40.sfo53.r.cloudfront.net
Software
lighttpd/1.4.69 /
Resource Hash
cebb9ab9910fe6cfcabcea49ed7307ea92ef70dfdd37c99c6d039548d648c800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
via
1.1 8cd8685b0adba2bf9ff8d080d6463d56.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
SFO53-P5
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
5464
x-amz-cf-id
fYniW7bsyidrFJGkCC5G5-Hl8pjzzsr3CWvIDlNTzyqQCFnT7zWwcw==
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2K753Z6D0L&gtm=45je41o0v9126564266&_p=1706571078953&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1947758468.1706571081&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Beneplace%20Team%20Discounts&sid=1706571081&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3699
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2K753Z6D0L&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
84d54495b8f8a959
crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9667 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/jsd/r/84d54495b8f8a959
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Jan 2024 23:31:21 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
84d544acacd5a80d-SYD
alt-svc
h3=":443"; ma=86400
crowdstrike
crowdstrike.savings.workingadvantage.com/api/controls/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/controls/crowdstrike
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341083bce636014fe77945e54a94e8cce5c1a34cfe400bffe146af1e78e73cae
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-e417363bf6241ee7----1706571081828
traceparent
00-32236075aa77e09fbd85fbb98f13a800-e417363bf6241ee7-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6ImU0MTczNjNiZjYyNDFlZTciLCJ0ciI6IjMyMjM2MDc1YWE3N2UwOWZiZDg1ZmJiOThmMTNhODAwIiwidGkiOjE3MDY1NzEwODE4MjgsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:22 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"802-l2JAubNJ9M1/PrRHP+sqZphELc4"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ad7d5fa80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:21 GMT
p13n.min.js
cdn.boomtrain.com/p13n/ebg-wag3/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/p13n/ebg-wag3/p13n.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-71.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd6c50080cda668d0e858886b870ff15124d16be997d5b0d43e97d4788a20879

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
MoP_VascEW3gFlsLB8BcaQwZyTTX2BCI
Content-Encoding
gzip
Via
1.1 e91a1a5479163989c489fc34ab5e2c78.cloudfront.net (CloudFront)
Date
Mon, 29 Jan 2024 22:42:19 GMT
X-Amz-Cf-Pop
SYD1-C2
Age
2944
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 28 Jan 2024 04:33:41 GMT
Server
AmazonS3
ETag
W/"7e025917ec081cb179b24e9b42269588"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
Ggq3gufyCe95WLyPYomTo2MfgeZzQnFnrbUxDEO2SjQOqj04E0F78g==
/
com-wag3.netmng.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://com-wag3.netmng.com/?aid=6366&siclientid=105368&url=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&p5=&p6=&p7=&p8=&p9=&p10=&p11=&p12=&p13=&p14=&p15=&p16=&p17=&p18=&p19=&p20=&p26=&p27=&p28=
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.54 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 23:31:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 23:31:23 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type
text/javascript; charset=UTF-8
X-Cnection
close
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Sat, 27 Jan 2024 23:31:23 GMT
/
adservice.google.com.au/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u2...
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=12084042;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.saving...
  • https://ad.doubleclick.net/ddm/activity/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u...
  • https://adservice.google.com/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u2...
  • https://adservice.google.com.au/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=...
42 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com.au/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.savings.workingadvantage.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706571081.9960885;~oref=https://crowdstrike.savings.workingadvantage.com/
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://adservice.google.com.au/ddm/fls/p/src=12084042;dc_pre=CKXPkdngg4QDFQJtDwIdLgULdA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://crowdstrike.savings.workingadvantage.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706571081.9960885;~oref=https://crowdstrike.savings.workingadvantage.com/
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=32509374&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32509374%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32509374%26t%3D2
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:22 GMT
an-x-request-uuid
70d54196-61fe-4f9b-ad0d-1dc5fdc24b74
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.167; 66.203.112.167; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:22 GMT
an-x-request-uuid
548d4f94-8c9c-4d05-bb83-d7e01d6a86ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32509374%26t%3D2
x-proxy-origin
66.203.112.167; 66.203.112.167; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
resolve
people.api.boomtrain.com/identify/ 		142 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiMzc5OWM5Y2YtNzRlMi00YjhkLTg1MWItZTI0MTcxYmI1MmU5OjE3MDY1NzEwODEuOTkzMzYxNSJ9fQ%3D%3D&site_id=ebg-wag3
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.70.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-70-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
aaf3ed5ac90cd541613365216f047f0376505c9abb98ccf61134e595b6dde23a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 23:31:22 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
142
RC6b40217ba8b34b5c95f7ac097beadf09-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ 		451 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/RC6b40217ba8b34b5c95f7ac097beadf09-source.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0f8ebc30899eb40dc08bb4de7e68953c83206792c3ec200f60464bed04966c52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:13 GMT
server
AkamaiNetStorage
etag
"90173797179737fc4da75b6ef78d798b:1706566393.859241"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
285
expires
Tue, 30 Jan 2024 00:31:22 GMT
RC668a267ca36c45b5acca38f3e4360a76-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ 		340 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/RC668a267ca36c45b5acca38f3e4360a76-source.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85e38bc08194b20e1a64cf3e9f1266dbb8498f72312bb2543b3314f05ad415dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:13 GMT
server
AkamaiNetStorage
etag
"90173797179737fc4da75b6ef78d798b:1706566393.859241"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
215
expires
Tue, 30 Jan 2024 00:31:22 GMT
onetrust
crowdstrike.savings.workingadvantage.com/api/platform/options/ 		501 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/platform/options/onetrust
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f687735d78286be14d4e10a1fb29138cddcf927835e5441b61406512db7c8e
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-e35252f90be28ccb----1706571082813
traceparent
00-810bb7c298e47a4c027d5df53e9d8f00-e35252f90be28ccb-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6ImUzNTI1MmY5MGJlMjhjY2IiLCJ0ciI6IjgxMGJiN2MyOThlNDdhNGMwMjdkNWRmNTNlOWQ4ZjAwIiwidGkiOjE3MDY1NzEwODI4MTMsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:23 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"1f5-7p9slVTH/yNu6/xY0Gl0Ekd5Wds"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544b39b04a80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:21 GMT
info
crowdstrike.savings.workingadvantage.com/api/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/info?authInfo=true
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-ab41d502d5d58c1f----1706571082816
traceparent
00-2cac68d29adfeefcfcdd8eb9c7f3ee00-ab41d502d5d58c1f-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6ImFiNDFkNTAyZDVkNThjMWYiLCJ0ciI6IjJjYWM2OGQyOWFkZmVlZmNmY2RkOGViOWM3ZjNlZTAwIiwidGkiOjE3MDY1NzEwODI4MTYsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:23 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544b39b0ba80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:21 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=888629802&t=pageview&_s=1&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&ul=en-us&de=UTF-8&dt=Crowdstrike%20Savings%20Marketplace&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1947758468.1706571081&tid=UA-2876877-9&_gid=1521305536.1706571081&gtm=45He41o0n815QN8HWMv78847533&gcd=11l1l1l1l1&dma=0&z=2121599436
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 16:09:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26494
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
events.api.boomtrain.com/event/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.104.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-104-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 23:31:23 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2876877-9
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69623
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 22:53:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 23:31:23 GMT
mouseflow
crowdstrike.savings.workingadvantage.com/api/platform/options/ 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.workingadvantage.com/api/platform/options/mouseflow?name=workingadvantage_mouseflow_script_id
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://crowdstrike.savings.workingadvantage.com/
tracestate
88831@nr=0-1-2647367-1120218725-536714aec2e6c8d6----1706571083061
traceparent
00-5270c5d734425f4216384d639e523a00-536714aec2e6c8d6-01
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjUzNjcxNGFlYzJlNmM4ZDYiLCJ0ciI6IjUyNzBjNWQ3MzQ0MjVmNDIxNjM4NGQ2MzllNTIzYTAwIiwidGkiOjE3MDY1NzEwODMwNjEsInRrIjoiODg4MzEifX0=

Response headers

date
Mon, 29 Jan 2024 23:31:23 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"5e-xWERRy+8FVp8nFwecehLclRX7Go"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://crowdstrike.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544b52c68a80d-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:22 GMT
Primary Request sign-in
auth.savings.workingadvantage.com/crowdstrike/
Redirect Chain
  • https://auth.savings.workingadvantage.com/auth/authorize?subdomain=crowdstrike&response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.co...
  • https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/main.21d8066a1ba27670.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
344b9da468a57699647926d59aabffb3abc9f3ef7d26c50fe10f2aeb97a56a76
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d544bb59a0a80d-SYD
content-encoding
br
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 23:31:24 GMT
last-modified
Thu, 18 Jan 2024 11:53:07 GMT
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
http://auth.savings.workingadvantage.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84d544b59a50a959-SYD
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 23:31:24 GMT
expires
Mon, 29 Jan 2024 23:31:22 GMT
location
/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
Origin, Accept
x-content-type-options
nosniff
x-powered-by
RC0c16579d5c704bd0a214633d669d35f2-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ 		1018 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/RC0c16579d5c704bd0a214633d669d35f2-source.min.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:13 GMT
server
AkamaiNetStorage
etag
"90173797179737fc4da75b6ef78d798b:1706566393.859241"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
547
expires
Tue, 30 Jan 2024 00:31:23 GMT
07e508d2-aee2-481f-ac8e-6e200d46af80.js
cdn.mouseflow.com/projects/ 		196 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/07e508d2-aee2-481f-ac8e-6e200d46af80.js
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
9172
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
x-mf-script-region
US
last-modified
Tue, 23 Jan 2024 09:20:24 GMT
server
cloudflare
etag
W/"33bd3765dd4dda1:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
84d544b928a1aadd-SYD
expires
Tue, 30 Jan 2024 23:31:23 GMT
/
com-wag3.netmng.com/WAG3/com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://com-wag3.netmng.com/WAG3/com/?vid=rlnbpdftygoem&referer=&browserPixelRatio=1&browserWidth=1600&browserHeight=1200&aid=6366&siclientid=105368&url=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&p5=&p6=&p7=&p8=&p9=&p10=&p11=&p12=&p13=&p14=&p15=&p16=&p17=&p18=&p19=&p20=&p26=&p27=&p28=&function=browser_check&r=41b6a7
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.54 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://crowdstrike.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 23:31:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jan 2024 23:31:23 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type
text/javascript; charset=UTF-8
X-Cnection
close
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
Expires
Sat, 27 Jan 2024 23:31:23 GMT
init
n2.mouseflow.com/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n2.mouseflow.com/init?v=17.98&p=07e508d2-aee2-481f-ac8e-6e200d46af80&s=cef24ad8222c6939623ff52156889ded&page=013023315e1e1b27dc2c63893c1fc49c53750e65&ret=0&u=f209f6be37fc516f6badebae586f3819&href=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&url=%2F&ref=&title=Crowdstrike%20Savings%20Marketplace&res=1600x1200&tz=-480&to=0&dnt=0&ori=&dw=1600&dh=1200&time=4796&pxr=1&gdpr=0
Requested by
Host: crowdstrike.savings.workingadvantage.com
URL: https://crowdstrike.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.96.202.199 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
Mouseflow /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crowdstrike.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 23:31:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Mouseflow
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crowdstrike.savings.workingadvantage.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
launch-a0e5cece2585.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/ 		652 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc83c7ec22a67fb4f4f9da76257b42c5329c0367f497ae5ffd532f4d065d3df2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:24 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:11 GMT
server
AkamaiNetStorage
etag
"e37f005cad3c18d25ff3743eeea3b5f2:1706566391.826699"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
158908
expires
Tue, 30 Jan 2024 00:31:24 GMT
new-relic-integration.js
auth.savings.workingadvantage.com/assets/new-relic/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc49c009b33e66a59f057cf4ada682b80d4401d919ddf0f8d3ef2bb0415f0b23
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:53:06 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"65a91122-ccde"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
cf-ray
84d544c0ce74a80d-SYD
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 23:31:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
26884795
x-jsd-version
4.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26099
x-served-by
cache-fra-eddf8230071-FRA, cache-bne12520-BNE
x-jsd-version-type
version
etag
W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
maps.googleapis.com/maps/api/ 		192 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=gme-entertainmentbenefits&libraries=places
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
e9abbbe4ec51b8c87498f8848bab87a7f6ce0de68b8baf84efe7f5a45f14a3ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65947
x-xss-protection
0
web-animations.min.js
cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/web-animations.min.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5198998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13763
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-bad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4vIpXiItz3tAMvudN%2Bu3o0%2FrmmiIkaYD0nMbwttNv5aLQT4Syc6FdnT0%2BFpChOz1a8Dw61bNPPkZmCK0M%2FMrq3pGVLAUYQGadsZlLmcrhKJ%2F6nCzQQd1JDcUz7RaC3b1mXQC8ye"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d544c0cdcc79cf-SYD
expires
Sat, 18 Jan 2025 23:31:24 GMT
runtime.13338c5d9c83d0b6.js
auth.savings.workingadvantage.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/runtime.13338c5d9c83d0b6.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779700103eaa215226d17491070dd24cc4e6ae6533a0f3a4071140805119b45f
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jan 2024 11:53:01 GMT
server
cloudflare
content-encoding
br
etag
W/"65a9111d-488"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com, https://auth.savings.workingadvantage.com
access-control-allow-credentials
true, true
cf-ray
84d544c0ce75a80d-SYD
alt-svc
h3=":443"; ma=86400
polyfills.9bd4a18a68d081a1.js
auth.savings.workingadvantage.com/ 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/polyfills.9bd4a18a68d081a1.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040e0f83384cfe2b858b56ce6e588c85aa1f9840901d5edcb8266f65b00a68a5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jan 2024 11:53:01 GMT
server
cloudflare
content-encoding
br
etag
W/"65a9111d-1e657"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com, https://auth.savings.workingadvantage.com
access-control-allow-credentials
true, true
cf-ray
84d544c0ce77a80d-SYD
alt-svc
h3=":443"; ma=86400
scripts.b785e07ef29de485.js
auth.savings.workingadvantage.com/ 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/scripts.b785e07ef29de485.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3e5cf9dbf7e7d8afbde8193602e353a531e05ea3ed89990432248a8c73ee18
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:53:01 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"65a9111d-29710"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
cf-ray
84d544c39896a80d-SYD
alt-svc
h3=":443"; ma=86400
main.6403be563902a0a4.js
auth.savings.workingadvantage.com/ 		2 MB
408 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/main.6403be563902a0a4.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
522de4ec41ba77fa2f57441f5bb7eb3ac276ac777d1494c65a7ca8d106cbe44e
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:26 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jan 2024 11:53:01 GMT
server
cloudflare
content-encoding
br
etag
W/"65a9111d-19d346"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com, https://auth.savings.workingadvantage.com
access-control-allow-credentials
true, true
cf-ray
84d544c0ce78a80d-SYD
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		237 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QN8HWM
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
03d6295bc7901dc5dd01e7595256323e2e9185ac97b4cff16ed48a1cdaed73e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80455
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 22:53:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 23:31:25 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Tue, 30 Jan 2024 00:31:25 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Tue, 30 Jan 2024 00:31:25 GMT
styles.55427553bed43367.css
auth.savings.workingadvantage.com/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.savings.workingadvantage.com/styles.55427553bed43367.css
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d090bed5512aa42771132ca52b0a7820daafbb07375d85a19efad37508f4471
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:26 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:53:01 GMT
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
etag
W/"65a9111d-9b4b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cf-ray
84d544c39897a80d-SYD
alt-svc
h3=":443"; ma=86400
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.savings.workingadvantage.com/
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 03:27:37 GMT
x-content-type-options
nosniff
age
331428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13980
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 03:27:37 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FD2X5ZMELR&l=dataLayer&cx=c
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1a568372258312f561f44652104c9d6728bcf8e537c66a2ebb449fcf6917f98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 23:31:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jan 2024 23:16:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
886
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jan 2024 01:16:39 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1996589798&t=pageview&_s=1&dl=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%253A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&dr=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&ul=en-us&de=UTF-8&dt=Beneplace%20Team%20Discounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=1947758468.1706571081&tid=UA-2876877-9&_gid=1521305536.1706571081&_slc=1&gtm=45He41o0n815QN8HWMv78847533&gcd=11l1l1l1l1&dma=0&z=1448323748
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
b017bfb984b00d66e38ede36599b6c5650d3bed3011fc37a6ff5f041b1aa1a8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2K753Z6D0L&cx=c&_slc=1
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f0f1bf9fc33d7c37e09ca764e780df84f93a34884a51cda631c3877a6bdfd999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88118
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 23:31:25 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FD2X5ZMELR&gtm=45je41o0v9112553684z878847533&_p=1706571084931&gcd=11l1l1l1l1&dma=0&cid=1947758468.1706571081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706571081&sct=1&seg=1&dl=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%253A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&dr=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Beneplace%20Team%20Discounts&en=page_view&ep.userId=&up.data_stream_name=G-FD2X5ZMELR&up.site_name=Non%20Cruises&up.url_name=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%253A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&up.pb_site_name=auth&up.page_path=%2Fcrowdstrike%2Fsign-in&up.user_id_value=&up.zip_code=NaN&tfd=2835
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FD2X5ZMELR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
system-wide
crowdstrike.savings.beneplace.com/api/notifications/ 		2 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/notifications/system-wide
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
alt-svc
h3=":443"; ma=86400
content-length
2
server
cloudflare
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ccfe3a5c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:26 GMT
info
crowdstrike.savings.beneplace.com/api/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/info?authInfo=true
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b20f5dccee37f36c5e0ea54c725949293d72208053790209f0e16424e00ed2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"207e-Wc3JxmfDmqq+cuQ0MaL+4P4rTZ0"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ccfe385c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:26 GMT
info
crowdstrike.savings.beneplace.com/api/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/info?authInfo=true
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b20f5dccee37f36c5e0ea54c725949293d72208053790209f0e16424e00ed2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ccfe405c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:26 GMT
crowdstrike
crowdstrike.savings.beneplace.com/api/controls/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/controls/crowdstrike
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341083bce636014fe77945e54a94e8cce5c1a34cfe400bffe146af1e78e73cae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"802-l2JAubNJ9M1/PrRHP+sqZphELc4"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ccfe365c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:27 GMT
marketplace-styles.css
crowdstrike.savings.beneplace.com/api/crowdstrike/ 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/crowdstrike/marketplace-styles.css
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21dd0740a65950d73d1106d973989a6f925ce86332545bfa41c088b8fb01365
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"8083-HrfH2eh6wU6Kae6Oz8yYACp1RKM"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ccfe375c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:27 GMT
auth-v2
crowdstrike.savings.beneplace.com/api/google-experiments/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/google-experiments/auth-v2
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83eaf590f2c078872c01c0f332037dc8fef2a3a2f925d9d8ea5425d0172cf99
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"fd8-xTrkXE581f1SQMoUGwMfCAmZvJg"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544ccfe3e5c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:26 GMT
nr-spa.142f942f-1.239.1.min.js
js-agent.newrelic.com/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa.142f942f-1.239.1.min.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
sn0IxCI.MkvNIiRAoqe.awP2R5evqDa4
content-encoding
br
via
1.1 varnish
date
Mon, 29 Jan 2024 23:31:27 GMT
strict-transport-security
max-age=300
x-amz-request-id
XH6PG2EME66SXTNH
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
25649
x-amz-id-2
OSX6s0OBFgyHI4FD97MNT5fJoRWS8r7MUJ8v6T47rl7zr89VScnthGbLEuDWOZoFzl2m8QBuFzM=
x-served-by
cache-bfi-kbfi7400083-BFI
last-modified
Wed, 18 Oct 2023 21:33:59 GMT
server
AmazonS3
x-timer
S1706571087.160623,VS0,VE0
etag
"929044c7a94ad93d4583f5b62538f46a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
4905
NRJS-2ebdf5b38afbaafd48e
bam.nr-data.net/1/ 		40 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-2ebdf5b38afbaafd48e?a=1120218725&sa=1&v=1.239.1&t=Unnamed%20Transaction&rst=4207&ck=0&s=3ac2723314157a13&ref=https://auth.savings.workingadvantage.com/crowdstrike/sign-in&af=err,xhr,stn,ins,spa&be=1839&fe=1896&dc=1893&perf=%7B%22timing%22:%7B%22of%22:1706571083073,%22n%22:0,%22r%22:0,%22re%22:980,%22f%22:980,%22dn%22:980,%22dne%22:980,%22c%22:980,%22s%22:980,%22ce%22:980,%22rq%22:981,%22rp%22:1839,%22rpe%22:1841,%22di%22:2302,%22ds%22:3731,%22de%22:3732,%22dc%22:3733,%22l%22:3733,%22le%22:3735%7D,%22navigation%22:%7B%22rc%22:1%7D%7D
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 23:31:27 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://auth.savings.workingadvantage.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
close
Content-Length
40
x-served-by
cache-bfi-krnt7300088-BFI
auth
crowdstrike.savings.beneplace.com/api/navigation/crowdstrike/auth_footer/US/ 		959 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/navigation/crowdstrike/auth_footer/US/auth
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63e31ebf9b37ea9651067359238bfd61f6cd7dc7c6c0ea864e6f8c345f8f8b9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"3bf-GIZgHybzmfj3d8rGD0L3UFFjORw"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544d28b7e5c0f-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:26 GMT
NRJS-2ebdf5b38afbaafd48e
bam.nr-data.net/events/1/ 		24 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-2ebdf5b38afbaafd48e?a=1120218725&sa=1&v=1.239.1&t=Unnamed%20Transaction&rst=4771&ck=0&s=3ac2723314157a13&ref=https://auth.savings.workingadvantage.com/crowdstrike/sign-in
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 23:31:28 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://auth.savings.workingadvantage.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-bfi-kbfi7400027-BFI
crowdstrike
crowdstrike.savings.beneplace.com/api/controls/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/controls/crowdstrike
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341083bce636014fe77945e54a94e8cce5c1a34cfe400bffe146af1e78e73cae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"802-l2JAubNJ9M1/PrRHP+sqZphELc4"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544d3da1c557b-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:27 GMT
onetrust
crowdstrike.savings.beneplace.com/api/platform/options/ 		501 B
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/platform/options/onetrust
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f687735d78286be14d4e10a1fb29138cddcf927835e5441b61406512db7c8e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"1f5-7p9slVTH/yNu6/xY0Gl0Ekd5Wds"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544dbeee0557b-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:28 GMT
info
crowdstrike.savings.beneplace.com/api/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/info?authInfo=true
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b20f5dccee37f36c5e0ea54c725949293d72208053790209f0e16424e00ed2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544dc1ef3557b-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:28 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1996589798&t=pageview&_s=1&dl=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%3A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&dr=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&ul=en-us&de=UTF-8&dt=Crowdstrike%20Savings%20Marketplace&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEABAAAAACAAI~&jid=&gjid=&cid=1947758468.1706571081&tid=UA-2876877-9&_gid=1521305536.1706571081&gtm=45He41o0n815QN8HWMv78847533&gcd=11l1l1l1l1&dma=0&z=1766251145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 16:09:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26501
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/ 		185 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&d_mid=76184695164029330974126073447393978728&d_coppa=true&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=adobe_ecid%0176184695164029330974126073447393978728&d_cid_ic=ecid%0176184695164029330974126073447393978728&d_cid_ic=mcid%0176184695164029330974126073447393978728&ts=1706571089326
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.67.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-67-179.compute-1.amazonaws.com
Software
/
Resource Hash
22ebc2bc519a5c23fc5a82d8e440becf5156bc591d064b6a813e7ac166e48244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-2-v053-03564d7a1.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Mon, 29 Jan 2024 23:31:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
pf8NJsl6TB4=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
x-error
300,300
content-length
186
expires
Thu, 01 Jan 1970 00:00:00 UTC
RCfc27f81c245c44b78fbb03ff4af1a6be-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ 		343 B
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/RCfc27f81c245c44b78fbb03ff4af1a6be-source.min.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
acbbd7bd1152c0cec59ee2250937f98acb59f8b58fd6238d747e10f7c8bcda2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:13 GMT
server
AkamaiNetStorage
etag
"90173797179737fc4da75b6ef78d798b:1706566393.859241"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
214
expires
Tue, 30 Jan 2024 00:31:29 GMT
RC986b4d5825364bd4887033e40e20c549-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ 		757 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/RC986b4d5825364bd4887033e40e20c549-source.min.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6109a446b814e265e2dae4ce9aefc0da606ba6cc42e6a60bd1284be862b40092

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 22:13:13 GMT
server
AkamaiNetStorage
etag
"90173797179737fc4da75b6ef78d798b:1706566393.859241"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
429
expires
Tue, 30 Jan 2024 00:31:29 GMT
delivery
entertainmentbenefit.tt.omtrdc.net/rest/v1/ 		781 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entertainmentbenefit.tt.omtrdc.net/rest/v1/delivery?client=entertainmentbenefit&sessionId=46975c38a291472a904f647e0c404f89&version=2.8.2
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.112 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-112.data.adobedc.net
Software
jag /
Resource Hash
fab538100dca9c9334041bc26fd618145d59b6b332f9be3c5ab4eb00b882065e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
73b36c17-a107-4e1c-af92-ccba4cc94ee8
s55573169981127
smetrics.workingadvantage.com/b/ss/entbenwag3/1/JS-2.22.4-LDQM/ 		43 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.workingadvantage.com/b/ss/entbenwag3/1/JS-2.22.4-LDQM/s55573169981127
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.177 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-56-177.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 30 Jan 2024 23:31:29 GMT
server
jag
etag
3664833509609209856-4617920971678673666
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Sun, 28 Jan 2024 23:31:29 GMT
gtm.js
www.googletagmanager.com/ 		237 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QN8HWM
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
03d6295bc7901dc5dd01e7595256323e2e9185ac97b4cff16ed48a1cdaed73e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80455
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 22:53:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 23:31:29 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2876877-9
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c58897017dc276010f66d04342aeeec77f62d5b5c98f57489a859c990c12572a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69624
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 22:53:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 23:31:30 GMT
mouseflow
crowdstrike.savings.beneplace.com/api/platform/options/ 		94 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crowdstrike.savings.beneplace.com/api/platform/options/mouseflow?name=workingadvantage_mouseflow_script_id
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b4579ddd9500f72669998271f04641a6f956554326995c3000531a9a57e4d4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"5e-xWERRy+8FVp8nFwecehLclRX7Go"
vary
Origin
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
84d544dff920557b-SYD
access-control-allow-headers
Origin, Referer, X-Requested-With, Content-Type, Authorization
expires
Mon, 29 Jan 2024 23:31:29 GMT
auth-bg-1.jpg
g3i.imgix.net/assets/ 		341 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g3i.imgix.net/assets/auth-bg-1.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9f0ac86eea70048edfa94223fce7b806e1bd0b0f894441a81119cdc9f02564e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
x-content-type-options
nosniff
age
10226293
x-cache
HIT, HIT
x-imgix-id
92a2a906e64f58beaf07fabd7cafa24c15d0c04b
cross-origin-resource-policy
cross-origin
content-length
349370
x-served-by
cache-sjc10053-SJC, cache-syd10168-SYD
x-imgix-render-farm
01.140360
last-modified
Tue, 03 Oct 2023 14:53:16 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
crowdstrike_logo_wide_01.png
g3i.imgix.net/uploads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g3i.imgix.net/uploads/crowdstrike_logo_wide_01.png?w=280&h=24&crop=entropy&fit=clip&trim=color&trim-color=FFFFFF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a5e3e5d7360cc8cbd3ae31b4c77a1670e561a7640b31e613f6b38e775a94d34b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
x-content-type-options
nosniff
age
258959
x-cache
HIT, MISS
x-imgix-id
3800770159a06df493a926cb7037d72ebbbdfb5f
cross-origin-resource-policy
cross-origin
content-length
1789
x-served-by
cache-sjc10037-SJC, cache-syd10168-SYD
x-imgix-render-farm
01.132136
last-modified
Fri, 26 Jan 2024 23:35:31 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
crowdstrike_logo_wide_01.png
g3i.imgix.net/uploads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g3i.imgix.net/uploads/crowdstrike_logo_wide_01.png?w=250&h=32&crop=entropy&fit=clip&trim=color&trim-color=FFFFFF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ceb35a72459f84f9a7c03e84bba38c8efc8e2decba385d2c10e73ca389377b28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
x-content-type-options
nosniff
age
378979
x-cache
HIT, MISS
x-imgix-id
a30e38cf5bbaea38d8db8d7e3c5d108cf273f924
cross-origin-resource-policy
cross-origin
content-length
2403
x-served-by
cache-sjc10044-SJC, cache-syd10168-SYD
x-imgix-render-farm
02.131624
last-modified
Thu, 25 Jan 2024 14:15:11 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
wa-logo-wide.png
auth.savings.workingadvantage.com/assets/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.savings.workingadvantage.com/assets/wa-logo-wide.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e2d1102c644111abed2ee312d1e57ed5418135c0c9905f3f2a1cd44312d3d4
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https:%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:53:06 GMT
server
cloudflare
cf-cache-status
DYNAMIC
etag
"65a91122-724c"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
cf-ray
84d544e26ce7a80d-SYD
alt-svc
h3=":443"; ma=86400
content-length
29260
workingadvantage_logo_wide_inverse_01.png
auth.savings.workingadvantage.com/assets/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.savings.workingadvantage.com/assets/workingadvantage_logo_wide_inverse_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22de6cb47cb99a22c97982e083731cbbd79340c75261c8e68f9ddb350a11d264
Security Headers
Name Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/crowdstrike/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https:%2F%2Fcrowdstrike.savings.workingadvantage.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified
Thu, 18 Jan 2024 11:53:06 GMT
server
cloudflare
cf-cache-status
DYNAMIC
etag
"65a91122-4924"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
cf-ray
84d544e26ce9a80d-SYD
alt-svc
h3=":443"; ma=86400
content-length
18724
07e508d2-aee2-481f-ac8e-6e200d46af80.js
cdn.mouseflow.com/projects/ 		196 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/07e508d2-aee2-481f-ac8e-6e200d46af80.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7626eba52923c65e6f7cd507d34921dd35663f9637fcd2d0b719a580569b03f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
9179
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
x-mf-script-region
US
last-modified
Tue, 23 Jan 2024 09:20:24 GMT
server
cloudflare
etag
W/"33bd3765dd4dda1:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
84d544e3db62aadd-SYD
expires
Tue, 30 Jan 2024 23:31:30 GMT
init
n2.mouseflow.com/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n2.mouseflow.com/init?v=17.98&p=07e508d2-aee2-481f-ac8e-6e200d46af80&s=cef24ad8222c6939623ff52156889ded&page=013030648c6195e03ffb6d89290b9eb1beccdd60&ret=0&u=f209f6be37fc516f6badebae586f3819&href=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%3A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&url=%2Fcrowdstrike%2Fsign-in&ref=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&title=Crowdstrike%20Savings%20Marketplace&res=1600x1200&tz=-480&to=0&dnt=0&ori=&dw=1600&dh=1200&time=5641&pxr=1&gdpr=0
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.96.202.199 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 23:31:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Mouseflow
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
0
common.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/en_au/ 		254 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/en_au/common.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
sffe /
Resource Hash
7a26a8b35bfeb8822b763b677bcc4bb212915f1c23a734b33cf16bc6dd6b24f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 18:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
17189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57369
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 18:45:01 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/en_au/ 		155 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/en_au/util.js
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
sffe /
Resource Hash
7a9676d3511f0bebf7606a7affe5a9f7c24fb4622bcad69d9b1fae46efe54b5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.savings.workingadvantage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 18:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
16520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50320
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 18:56:10 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FD2X5ZMELR&gtm=45je41o0v9112553684&_p=1706571084931&gcd=11l1l1l1l1&dma=0&cid=1947758468.1706571081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&sid=1706571081&sct=1&seg=1&dl=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%253A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&dr=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Beneplace%20Team%20Discounts&_s=2&tfd=7836
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FD2X5ZMELR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2K753Z6D0L&gtm=45je41o0v9126564266&_p=1706571084931&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1947758468.1706571081&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&dl=https%3A%2F%2Fauth.savings.workingadvantage.com%2Fcrowdstrike%2Fsign-in%3Fresponse_type%3Dcode%26client_id%3D9ezalirn45mF43imJTdf53%26redirect_uri%3Dhttps%253A%252F%252Fcrowdstrike.savings.workingadvantage.com%252F&dr=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Beneplace%20Team%20Discounts&sid=1706571081&sct=1&seg=1&_s=1&tfd=7971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2K753Z6D0L&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 23:31:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.savings.workingadvantage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.savings.workingadvantage.com/
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:03:19 GMT
x-content-type-options
nosniff
age
5292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14168
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:29:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 22:03:19 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.savings.workingadvantage.com/
Origin
https://auth.savings.workingadvantage.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 18:39:34 GMT
x-content-type-options
nosniff
age
17517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13724
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:20:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 18:39:34 GMT
html
n2.mouseflow.com/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n2.mouseflow.com/html?website=07e508d2-aee2-481f-ac8e-6e200d46af80&session=cef24ad8222c6939623ff52156889ded&page=013030648c6195e03ffb6d89290b9eb1beccdd60&gz=1
Requested by
Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.96.202.199 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.savings.workingadvantage.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 29 Jan 2024 23:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Mouseflow
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://auth.savings.workingadvantage.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FD2X5ZMELR&gtm=45je41o0v9112553684&_p=1706571078953&gcd=11l1l1l1l1&dma=0&cid=1947758468.1706571081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1706571081&sct=1&seg=0&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Beneplace%20Team%20Discounts&en=scroll&ep.userId=&epn.percent_scrolled=90&_et=8&tfd=7007
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FD2X5ZMELR&gtm=45je41o0v9112553684&_p=1706571078953&gcd=11l1l1l1l1&dma=0&cid=1947758468.1706571081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=3&sid=1706571081&sct=1&seg=0&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Crowdstrike%20Savings%20Marketplace&en=user_engagement&ep.userId=&_et=3878&tfd=7007
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2K753Z6D0L&gtm=45je41o0v9126564266&_p=1706571078953&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1947758468.1706571081&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fcrowdstrike.savings.workingadvantage.com%2F&dt=Crowdstrike%20Savings%20Marketplace&sid=1706571081&sct=1&seg=1&en=page_view&_ee=1&_et=1212&tfd=7008

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| ebg object| _satellite boolean| __satelliteLoaded function| AdobePrivacy object| adobe function| Visitor object| s_c_il number| s_c_in object| _sdiToolkit number| adobe_request_count object| NREUM object| webpackChunk:NRBA-1.239.1.PROD object| newrelic boolean| skipEdgeRedirect boolean| isWindows7 boolean| isIE object| true function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| gaplugins object| gaGlobal object| gaData object| webpackChunkauth_ui object| onYouTubeIframeAPIReady function| $localize object| __core-js_shared__ object| core function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononYouTubeIframeAPIReadypatched object| global function| $ function| jQuery object| bootstrap object| __zone_symbol__loadfalse object| __zone_symbol__pagehidefalse function| Hammer object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__visibilitychangetrue object| __zone_symbol__prerenderingchangetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__pagehidetrue object| __zone_symbol__keydowntrue object| __zone_symbol__clicktrue object| __zone_symbol__pageshowfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| __target_telemetry object| targetGlobalSettings object| s_i_entbenwag3 boolean| adobepageviewfired object| __zone_symbol__resizefalse object| _mfq object| mouseflowHeatmap object| __zone_symbol__beforeunloadfalse object| mouseflow function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

29 Cookies

Domain/Path Name / Value
.workingadvantage.com/ Name: __cf_bm
Value: 8a14gMIEWEAdo58ht4YQOKXTh1eAerJb8kchSOw1EXk-1706571078-1-ATsuvoJdswZ2p9ESq0VsEaIEjwn/OWwI5pj6MqzWbLtJ+hn3fqnMURYEDpKF6efGShGy0orOhUcTBtRo1+frowM=
.workingadvantage.com/ Name: AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg
Value: 1
.workingadvantage.com/ Name: s_ecid
Value: MCMID%7C76184695164029330974126073447393978728
.workingadvantage.com/ Name: _gid
Value: GA1.2.1521305536.1706571081
.workingadvantage.com/ Name: _gat_UA-2876877-9
Value: 1
.workingadvantage.com/ Name: cf_clearance
Value: 4koNtZ5mP1RFClFtH46KnROXmRaK9om96DNgZ.Z9q2M-1706571081-1-Ab7fTXPQSNWk4NapNAEUzsnalBCjhe235FOUt2vnPW/Z2FxRspoW65FZlwB3v9etAshDCubw3R2OF6lKkGhqwe4=
.rezync.com/ Name: zync-uuid
Value: 3799c9cf-74e2-4b8d-851b-e24171bb52e9:1706571081.9933615
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiMzc5OWM5Y2YtNzRlMi00YjhkLTg1MWItZTI0MTcxYmI1MmU5OjE3MDY1NzEwODEuOTkzMzYxNSJ9.Zbg1SQ.w52_EImQfc1Ilm6uiiAbL05BxS0
.workingadvantage.com/ Name: btIdentify
Value: c1339ac1-042b-47cc-d85b-9ccd9b99b456
.workingadvantage.com/ Name: _bts
Value: bcd1c6f1-3ba3-47f8-9214-4e624fb8e129
.adnxs.com/ Name: XANDR_PANID
Value: hQc6EtFUNmBvKDTMqBhoJShpxQRyXSKnW2zFg2mUwwefO5qQ9jsw_7ECmzHrumrqMvucv3w_Sx5X2fvdUcuTNXxYIbvT6tsQ1WDpMcAZNhw.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4915701339693900664
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C%wqK?7?!]tbP6j2F-XstGt!@D`3$lwaU
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.workingadvantage.com/ Name: _bti
Value: %7B%22app_id%22%3A%22ebg-wag3%22%2C%22bsin%22%3A%22es5psI22%2B6OVIKB7%2FBMlcqsct8Z4bUANjmM3AZS4%2FRq3Gjg0fHY0a4ehLVRzqP712ndEdU8riRdpS5x%2B3RNKqQ%3D%3D%22%2C%22is_identified%22%3Afalse%7D
com-wag3.netmng.com/ Name: evo5_WAG3
Value: rlnbpdftygoem%7CO%7CUXpFME9VdDZPRGt2YmxWSWNXVXJaVnBUWTIxVFQwcFZOMGhVU1U4NVJuaEZTMjFxVlZWbVZ6ZzNZMjFpVm14aE9FTkhiV2x0SzNCdGRHZDRNV2x5WVhwMlVIZExRbVppWkdZdlZ5dE1WRUp4VjAxemVtVk9hVGRNYWxFeU5Xb3lUUzh3UTIxNU4yc3pPVTVwWTNWek4wZGhRV1prUzJWT2MyNDFZek5oV25Sb1NrZHdXVTEwYVV4eU0yZFdZbWRsVTNCNlZsSjRLelZUYUM5alFUSnRhblkzZFVOSk1tbzJOVWxLYzI1RlNFVmxXRkV4WTNoamRrWXljeTluZEN0eDo1dnRKeHlJSVBmZTlpU1FVak9NRUxnPT0%3D
.workingadvantage.com/ Name: mf_user
Value: f209f6be37fc516f6badebae586f3819|
.savings.workingadvantage.com/ Name: split_test_groups
Value: {}
.workingadvantage.com/ Name: _ga
Value: GA1.2.1947758468.1706571081
.workingadvantage.com/ Name: _ga_2K753Z6D0L
Value: GS1.2.1706571081.1.1.1706571089.0.0.0
.workingadvantage.com/ Name: at_check
Value: true
.workingadvantage.com/ Name: g3refurl
Value: https%253A%252F%252Fauth.savings.workingadvantage.com%252Fcrowdstrike%252Fsign-in%253Fresponse_type%253Dcode%2526client_id%253D9ezalirn45mf43imjtdf53%2526redirect_uri%253Dhttps%253A%25252f%25252fcrowdstrike.savings.workingadvantage.com%25252f
.workingadvantage.com/ Name: prev_url_v2
Value: https%253A%252F%252Fauth.savings.workingadvantage.com%252Fcrowdstrike%252Fsign-in%253Fresponse_type%253Dcode%2526client_id%253D9ezalirn45mf43imjtdf53%2526redirect_uri%253Dhttps%253A%25252f%25252fcrowdstrike.savings.workingadvantage.com%25252f
.workingadvantage.com/ Name: s_cc
Value: true
.workingadvantage.com/ Name: AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19752%7CMCMID%7C76184695164029330974126073447393978728%7CMCAAMLH-1707175889%7C7%7CMCAAMB-1707175889%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1706578289s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0%7CMCCIDH%7C1967249167
.workingadvantage.com/ Name: mbox
Value: session#46975c38a291472a904f647e0c404f89#1706572951|PC#46975c38a291472a904f647e0c404f89.34_0#1769815890
.workingadvantage.com/ Name: _ga_FD2X5ZMELR
Value: GS1.1.1706571081.1.1.1706571090.0.0.0
.workingadvantage.com/ Name: mf_07e508d2-aee2-481f-ac8e-6e200d46af80
Value: cef24ad8222c6939623ff52156889ded|013023315e1e1b27dc2c63893c1fc49c53750e65.47.1706571083734$013030648c6195e03ffb6d89290b9eb1beccdd60.-1205457098.1706571090566|1706571083731||0||||0|17.98|27.34609

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.com.au
assets.adobedtm.com
auth.savings.workingadvantage.com
bam.nr-data.net
cdn.boomtrain.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdnjs.cloudflare.com
com-wag3.netmng.com
crowdstrike.savings.beneplace.com
crowdstrike.savings.workingadvantage.com
dpm.demdex.net
entertainmentbenefit.tt.omtrdc.net
events.api.boomtrain.com
fonts.gstatic.com
g3i.imgix.net
js-agent.newrelic.com
live.rezync.com
maps.googleapis.com
n2.mouseflow.com
people.api.boomtrain.com
secure.adnxs.com
smetrics.workingadvantage.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
103.43.90.179
104.17.24.14
104.18.27.50
104.18.39.111
13.224.181.71
142.250.204.2
142.250.204.8
142.250.66.206
142.250.71.67
142.250.71.74
151.101.129.229
151.101.2.137
151.101.30.208
162.247.243.29
172.217.167.102
172.64.148.145
172.64.150.236
18.238.192.40
192.96.202.199
199.38.167.54
23.198.63.128
34.193.104.27
35.173.67.179
52.45.70.255
63.140.38.112
63.140.56.177
64.233.170.156
03d6295bc7901dc5dd01e7595256323e2e9185ac97b4cff16ed48a1cdaed73e6
040e0f83384cfe2b858b56ce6e588c85aa1f9840901d5edcb8266f65b00a68a5
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05f687735d78286be14d4e10a1fb29138cddcf927835e5441b61406512db7c8e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d090bed5512aa42771132ca52b0a7820daafbb07375d85a19efad37508f4471
0deba937d5b12867312311162621afc77c25339ee06c07a80beafb541dea784d
0f753e5149f3ba265fb7aa3fca98fe2aec96558244945c19398bef94ed750570
0f8ebc30899eb40dc08bb4de7e68953c83206792c3ec200f60464bed04966c52
1a568372258312f561f44652104c9d6728bcf8e537c66a2ebb449fcf6917f98d
1da6ad9dfce9466037ec92e1f7699158c9a9347c669333c724f5cf6f3a7c0634
22de6cb47cb99a22c97982e083731cbbd79340c75261c8e68f9ddb350a11d264
22ebc2bc519a5c23fc5a82d8e440becf5156bc591d064b6a813e7ac166e48244
341083bce636014fe77945e54a94e8cce5c1a34cfe400bffe146af1e78e73cae
344b9da468a57699647926d59aabffb3abc9f3ef7d26c50fe10f2aeb97a56a76
35e31a2cd7fbbafdbf76a463161dba6191e30669194f2dccc17027629bde1dff
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
46f16c323557a318dd6604bab3ebe8dbd9d23bc318b55eec33b0b0a4502c0bd1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
522de4ec41ba77fa2f57441f5bb7eb3ac276ac777d1494c65a7ca8d106cbe44e
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5d159e233af5ec9cd87085dcb05d4212e0d28c5def84fb236bafb38a6c005518
6109a446b814e265e2dae4ce9aefc0da606ba6cc42e6a60bd1284be862b40092
61b4579ddd9500f72669998271f04641a6f956554326995c3000531a9a57e4d4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7678fff11f92c598d89035e7f1e5ae839902925df05059daa23901b914765975
779700103eaa215226d17491070dd24cc4e6ae6533a0f3a4071140805119b45f
7a26a8b35bfeb8822b763b677bcc4bb212915f1c23a734b33cf16bc6dd6b24f9
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7a9676d3511f0bebf7606a7affe5a9f7c24fb4622bcad69d9b1fae46efe54b5e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e38bc08194b20e1a64cf3e9f1266dbb8498f72312bb2543b3314f05ad415dd
8b78f6c2694ded95d29e65bb8299cd7817d76feaf57363c4eee7fc27faea9624
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
92598de2d31f86547a73877fbbe8a510a42895e1f0ba3a6ab14a83d5df07a0c8
99e2d1102c644111abed2ee312d1e57ed5418135c0c9905f3f2a1cd44312d3d4
9f0ac86eea70048edfa94223fce7b806e1bd0b0f894441a81119cdc9f02564e5
a456bad5f1a8c6a94f441be5f0820eb5d6d393ccfc0e841df5096dc2241651b8
a5e3e5d7360cc8cbd3ae31b4c77a1670e561a7640b31e613f6b38e775a94d34b
a83eaf590f2c078872c01c0f332037dc8fef2a3a2f925d9d8ea5425d0172cf99
aaf3ed5ac90cd541613365216f047f0376505c9abb98ccf61134e595b6dde23a
abc3fc6553c6064c8aca78b2bb4a41b52fff089d624352d6deb7da083b2de43e
ac3e5cf9dbf7e7d8afbde8193602e353a531e05ea3ed89990432248a8c73ee18
acbbd7bd1152c0cec59ee2250937f98acb59f8b58fd6238d747e10f7c8bcda2a
ade8daaa7f25612d141c67b731c21865009ba6899b692b70843ec8b18d1a464f
b017bfb984b00d66e38ede36599b6c5650d3bed3011fc37a6ff5f041b1aa1a8b
b7626eba52923c65e6f7cd507d34921dd35663f9637fcd2d0b719a580569b03f
bc49c009b33e66a59f057cf4ada682b80d4401d919ddf0f8d3ef2bb0415f0b23
bc83c7ec22a67fb4f4f9da76257b42c5329c0367f497ae5ffd532f4d065d3df2
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
c58897017dc276010f66d04342aeeec77f62d5b5c98f57489a859c990c12572a
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b
cd6c50080cda668d0e858886b870ff15124d16be997d5b0d43e97d4788a20879
cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d
ceb35a72459f84f9a7c03e84bba38c8efc8e2decba385d2c10e73ca389377b28
cebb9ab9910fe6cfcabcea49ed7307ea92ef70dfdd37c99c6d039548d648c800
d1b3cb38e26fb5d03f479f8c458de4a196783518bd4573ac1baa6c390e1d1981
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d5ef31b4cb23119d8bb2c42c879de067b04fccc5b8cd21b21f3b83962dfea111
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e21dd0740a65950d73d1106d973989a6f925ce86332545bfa41c088b8fb01365
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9abbbe4ec51b8c87498f8848bab87a7f6ce0de68b8baf84efe7f5a45f14a3ca
f0f1bf9fc33d7c37e09ca764e780df84f93a34884a51cda631c3877a6bdfd999
f63e31ebf9b37ea9651067359238bfd61f6cd7dc7c6c0ea864e6f8c345f8f8b9
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7b20f5dccee37f36c5e0ea54c725949293d72208053790209f0e16424e00ed2
fab538100dca9c9334041bc26fd618145d59b6b332f9be3c5ab4eb00b882065e