auth.savings.workingadvantage.com Open in urlscan Pro
104.18.16.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.email.workingadvantage.com/click?EZGFuaWVsLmxhd3JlbmNlZ3Jlc3NpZXJAaXZhbnRpLmNvbQ/CeyJtaWQiOiIxNzIxOTQ3NTM1MDM0NDY2NjM2ZTMyO...
Effective URL:
https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=e...
Submission: On July 25 via manual (July 25th 2024, 11:46:18 pm UTC) from AU — Scanned from AU

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 49 HTTP transactions. The main IP is 104.18.16.216, located in and belongs to CLOUDFLARENET, US. The main domain is auth.savings.workingadvantage.com. The Cisco Umbrella rank of the primary domain is 348872.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.

This is the only time auth.savings.workingadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.47.20.26 96.47.20.26	46263 (EDIALOG) (EDIALOG)
1 26	104.18.16.216 104.18.16.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.55.11.47 23.55.11.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	172.217.167.74 172.217.167.74	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
1	142.251.222.195 142.251.222.195	15169 (GOOGLE) (GOOGLE)
1 7	142.250.66.110 142.250.66.110	15169 (GOOGLE) (GOOGLE)
1	162.247.243.39 162.247.243.39	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	13

1 96.47.20.26 (United States) 1 redirects

ASN46263 (EDIALOG, US)
PTR: qa8.newcooldeal.com.mx2.bm16.maas.zetaglobal.net

e.email.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.18.16.216 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ivanti.savings.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wag3.savings.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.savings.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.55.11.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-11-47.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f40.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.195 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s55-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.66.110 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: hkg12s28-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	workingadvantage.com 2 redirects e.email.workingadvantage.com — Cisco Umbrella Rank: 373136 ivanti.savings.workingadvantage.com wag3.savings.workingadvantage.com auth.savings.workingadvantage.com — Cisco Umbrella Rank: 348872	1 MB
7	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	284 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 challenges.cloudflare.com — Cisco Umbrella Rank: 3877	29 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	172 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567	80 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 441	680 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1453	24 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	30 KB
49	10

	Domain	Requested by
19	ivanti.savings.workingadvantage.com	1 redirects ivanti.savings.workingadvantage.com
7	www.google-analytics.com	1 redirects ivanti.savings.workingadvantage.com
5	auth.savings.workingadvantage.com	ivanti.savings.workingadvantage.com auth.savings.workingadvantage.com
3	www.googletagmanager.com	ivanti.savings.workingadvantage.com
3	assets.adobedtm.com	ivanti.savings.workingadvantage.com assets.adobedtm.com
2	challenges.cloudflare.com	auth.savings.workingadvantage.com challenges.cloudflare.com
2	wag3.savings.workingadvantage.com
2	maps.googleapis.com	ivanti.savings.workingadvantage.com
1	bam.nr-data.net	ivanti.savings.workingadvantage.com
1	js-agent.newrelic.com	ivanti.savings.workingadvantage.com
1	fonts.gstatic.com	ivanti.savings.workingadvantage.com
1	cdnjs.cloudflare.com	ivanti.savings.workingadvantage.com
1	cdn.jsdelivr.net	ivanti.savings.workingadvantage.com
1	e.email.workingadvantage.com	1 redirects
49	14

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
workingadvantage.com GTS CA 1P5	`2024-06-03` - `2024-09-02`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
challenges.cloudflare.com E5	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
Frame ID: C8101523036DAB746930F7B71A8607E0
Requests: 47 HTTP requests in this frame

Frame: https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js
Frame ID: 235B26A8DC937C2985C26B5429E330D3
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8810i/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: DD76C9F5CB04FD8EA631D96B154D6CA9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://e.email.workingadvantage.com/click?EZGFuaWVsLmxhd3JlbmNlZ3Jlc3NpZXJAaXZhbnRpLmNvbQ/CeyJtaWQiOiIxNzIxOTQ3N... HTTP 302
https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&... Page URL
https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43i... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

49
Requests

90 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

2004 kB
Transfer

8255 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.email.workingadvantage.com/click?EZGFuaWVsLmxhd3JlbmNlZ3Jlc3NpZXJAaXZhbnRpLmNvbQ/CeyJtaWQiOiIxNzIxOTQ3NTM1MDM0NDY2NjM2ZTMyOWFmIiwiY3QiOiJlYmctd2FnMy1jODJjMzEzYTJlMTkxYTMwOGUyMWE5ZmIwYzM2OTEwOS0xIiwicmQiOiJpdmFudGkuY29tIn0/VaHR0cHM6Ly9pdmFudGkuc2F2aW5ncy53b3JraW5nYWR2YW50YWdlLmNvbS9vZmZlcnMvNlNaNnk0QzBqWmhpZmtuOVZha0JpNQ/SWkhfZWJnd2FfTkRCQU0wNzI1MjAyNGMxMzQzMDE0YjE/LZWIy/qP2VibGRyX2Zvcm09Mi4wMSZETEs9Y2lycTZxZzJ6Z3h2bmtwd3JqaG0weDQ5ciZ1dG1fY2FtcGFpZ249c2Ftc3VuZy1oZXJvLWN0YSZ1dG1fY29udGVudD1zYW1zdW5nLWhlcm8tY3RhJnV0bV9tZWRpdW09SnVseS0yNS0yMDI0LVNhbXN1bmcmdXRtX3NvdXJjZT1lbWFpbCZjb252X3NvdXJjZT16ZXRh/gZqLUzw/s5vfca77cf9 HTTP 302
https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta Page URL
https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://e.email.workingadvantage.com/click?EZGFuaWVsLmxhd3JlbmNlZ3Jlc3NpZXJAaXZhbnRpLmNvbQ/CeyJtaWQiOiIxNzIxOTQ3NTM1MDM0NDY2NjM2ZTMyOWFmIiwiY3QiOiJlYmctd2FnMy1jODJjMzEzYTJlMTkxYTMwOGUyMWE5ZmIwYzM2OTEwOS0xIiwicmQiOiJpdmFudGkuY29tIn0/VaHR0cHM6Ly9pdmFudGkuc2F2aW5ncy53b3JraW5nYWR2YW50YWdlLmNvbS9vZmZlcnMvNlNaNnk0QzBqWmhpZmtuOVZha0JpNQ/SWkhfZWJnd2FfTkRCQU0wNzI1MjAyNGMxMzQzMDE0YjE/LZWIy/qP2VibGRyX2Zvcm09Mi4wMSZETEs9Y2lycTZxZzJ6Z3h2bmtwd3JqaG0weDQ5ciZ1dG1fY2FtcGFpZ249c2Ftc3VuZy1oZXJvLWN0YSZ1dG1fY29udGVudD1zYW1zdW5nLWhlcm8tY3RhJnV0bV9tZWRpdW09SnVseS0yNS0yMDI0LVNhbXN1bmcmdXRtX3NvdXJjZT1lbWFpbCZjb252X3NvdXJjZT16ZXRh/gZqLUzw/s5vfca77cf9 HTTP 302
https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta

Request Chain 23

https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js

Request Chain 32

https://www.google-analytics.com/g/collect?v=2&tid=G-2K753Z6D0L&gtm=45je47o0v9126564266za200&_p=1721951171439&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-au&sr=1600x1200&cid=2047781431.1721951172&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=2&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta&dt=Beneplace%20Team%20Discounts&sid=1721951173&sct=1&seg=0&en=offer_page_viewed&_c=1&epn.value=0&_et=3&tfd=3282 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2047781431.1721951172&dbk=4011491630313697110&dma=0&en=offer_page_viewed&gtm=45je47o0v9126564266za200&npa=0&tid=G-2K753Z6D0L&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%3F

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

6SZ6y4C0jZhifkn9VakBi5 Show response
ivanti.savings.workingadvantage.com/offers/
Redirect Chain

https://e.email.workingadvantage.com/click?EZGFuaWVsLmxhd3JlbmNlZ3Jlc3NpZXJAaXZhbnRpLmNvbQ/CeyJtaWQiOiIxNzIxOTQ3NTM1MDM0NDY2NjM2ZTMyOWFmIiwiY3QiOiJlYmctd2FnMy1jODJjMzEzYTJlMTkxYTMwOGUyMWE5ZmIwYzM2O...
https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25...

10 KB
4 KB

255ms
234ms

Document
text/html

104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dca642b6c28a854ba1614e67bc09527468b0fb563f7cfd41d215d7142a363eb5

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a900723db4b550f-SYD
content-encoding: br
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
content-type: text/html; charset=utf-8
date: Thu, 25 Jul 2024 23:46:11 GMT
last-modified: Thu, 18 Jul 2024 10:47:28 GMT
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Jul 2024 23:46:11 GMT
Keep-Alive: timeout=1, max=100
Location: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Server: Apache
X-Powered-By: PHP/8.2.8

GET
H2 200 launch-a0e5cece2585.min.js Show response
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/ 678 KB
158 KB 25ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Requested by: Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 90e76d97d19465bb3b2bd5fbdaa93518630280f5f64d785b90a96014aa6cd7b3

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2024 18:43:50 GMT
server: AkamaiNetStorage
etag: "02171df11e91f5ac03f2f6af3c794a0b:1720723430.040336"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 161226
expires: Fri, 26 Jul 2024 00:46:11 GMT

GET
H3 200 new-relic-integration.js Show response
ivanti.savings.workingadvantage.com/assets/new-relic/ 51 KB
18 KB 234ms
231ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc49c009b33e66a59f057cf4ada682b80d4401d919ddf0f8d3ef2bb0415f0b23

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubDomains
last-modified: Thu, 18 Jul 2024 10:47:27 GMT
server: cloudflare
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
etag: W/"6698f2bf-ccde"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cf-cache-status: DYNAMIC
cf-ray: 8a9007256c5e550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
30 KB 17ms
2ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jul 2024 23:46:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6209261
x-jsd-version: 5.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
x-served-by: cache-fra-eddf8230122-FRA, cache-syd10137-SYD
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 245 KB
80 KB 554ms
144ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=gme-entertainmentbenefits&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

74effdf41f41c2986e2cc4763417d3831076632357e4e2cb60c2e0f0dd7e3c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81706
x-xss-protection: 0

GET
H3 200 web-animations.min.js Show response
cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/ 47 KB
14 KB 23ms
12ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/web-animations.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1298440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13763
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-bad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7fd7JJhU53%2Bx5JglFa4XrADF62Ch%2Bq5qpJeJHdgGdctZngJT%2Fx%2BbN8TnzAZqBH38Tpyq39rJ45izJ6RwlGnEZShtK7EnslTUo1GrbIvVTXYb%2FSj2MRA7DdvnalfuT6%2BpIlz6Rfc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9007257b78a81f-SYD
expires: Tue, 15 Jul 2025 23:46:11 GMT

GET
H3 200 runtime.14127d64f6127f80.js Show response
ivanti.savings.workingadvantage.com/ 4 KB
2 KB 219ms
217ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/runtime.14127d64f6127f80.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00facad439dc5713052a85c97ea462ffd397305fe876ecec1e7c2b6045081677

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
etag: W/"6698f2b6-e4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ivanti.savings.workingadvantage.com, https://ivanti.savings.workingadvantage.com
access-control-allow-credentials: true, true
cf-ray: 8a9007256c5f550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 polyfills.b3ca5e0491f9957c.js Show response
ivanti.savings.workingadvantage.com/ 142 KB
47 KB 885ms
883ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/polyfills.b3ca5e0491f9957c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f38141aa44e94f18b8a6169d2dace200f71c72f822456b2c8fa2d7d80c5fbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
etag: W/"6698f2b6-2386c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ivanti.savings.workingadvantage.com, https://ivanti.savings.workingadvantage.com
access-control-allow-credentials: true, true
cf-ray: 8a9007256c60550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 scripts.7a1741d36aa82235.js Show response
ivanti.savings.workingadvantage.com/ 163 KB
54 KB 226ms
224ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/scripts.7a1741d36aa82235.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5135057d3089a6b70e2655bb8474152f126ba812de365a75f09263cac572412

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubDomains
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
etag: W/"6698f2b6-28d5e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cf-cache-status: DYNAMIC
cf-ray: 8a900726fd68550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.70fb8f563f51f0cb.js Show response
ivanti.savings.workingadvantage.com/ 5 MB
1 MB 231ms
230ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/main.70fb8f563f51f0cb.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3375cf40316f4f32450a821eea1df64bf0de1ac4a9304828a89c38e455e226

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
etag: W/"6698f2b6-4d4259"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ivanti.savings.workingadvantage.com, https://ivanti.savings.workingadvantage.com
access-control-allow-credentials: true, true
cf-ray: 8a9007256c63550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
87 KB 225ms
122ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QN8HWM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

fe3908a6d2b7668530e1bec0afcf8e8173d3c4fa50eb2bf0af7848766917a344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 88246
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 21:48:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jul 2024 23:46:11 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 25ms
22ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Fri, 26 Jul 2024 00:46:11 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 6ms
4ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/launch-a0e5cece2585.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Fri, 26 Jul 2024 00:46:11 GMT

GET
H3 200 styles.8c6bd9ec4e9f57b5.css
ivanti.savings.workingadvantage.com/ 96 KB
16 KB 223ms
222ms Stylesheet
text/css 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/styles.8c6bd9ec4e9f57b5.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfc3f3713b33443b41b23c86118231cfd4d92829c1e6ca39ac9b323b1b170c1

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubDomains
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
etag: W/"6698f2b6-17ffe"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cf-cache-status: DYNAMIC
cf-ray: 8a900726fd6c550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 750ms
145ms Font
font/woff2 142.251.222.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.195 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s55-in-f3.1e100.net

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:54:28 GMT
x-content-type-options: nosniff
age: 229904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 07:54:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 122ms
121ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FD2X5ZMELR&l=dataLayer&cx=c

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

9af85b217a4af6f4e39d1de22bc6fbafa56266e715e02ae3ad8901c9b1235574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Thu, 25 Jul 2024 23:46:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 752ms
146ms Script
text/javascript 142.250.66.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg12s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 23:10:19 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jul 2024 01:10:19 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 317ms
220ms XHR
application/json 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 410ms
196ms Fetch
text/plain 142.250.66.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FD2X5ZMELR&gtm=45je47o0v9112553684z878847533za200zb78847533&_p=1721951171439&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=2047781431.1721951172&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721951172&sct=1&seg=0&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta&dt=Beneplace%20Team%20Discounts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.userId=&up.data_stream_name=G-FD2X5ZMELR&up.site_name=Non%20Cruises&up.url_name=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta&up.pb_site_name=ivanti&up.page_path=%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5&up.user_id_value=&up.zip_code=NaN&tfd=2241
Requested by: Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg12s28-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 23:46:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 info Show response
ivanti.savings.workingadvantage.com/api/ 8 KB
3 KB 260ms
260ms XHR
application/json 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/api/info

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b93f425b2b4716274b4d379fa45a6ee78ecffa8a56eb73b1451a02d4c38d40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
tracestate: 88831@nr=0-1-2647367-1120218725-67e58100c0f3b306----1721951172948
traceparent: 00-ac2bc0ddfa243a651b33ff1ec0282500-67e58100c0f3b306-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjY3ZTU4MTAwYzBmM2IzMDYiLCJ0ciI6ImFjMmJjMGRkZmEyNDNhNjUxYjMzZmYxZWMwMjgyNTAwIiwidGkiOjE3MjE5NTExNzI5NDgsInRrIjoiODg4MzEifX0=

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"1e08-PAj7CWroh4ooreFs9U9p3jGkk0I"
vary: Origin
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8a90072efb58550f-SYD
access-control-allow-headers: Origin, Referer, X-Requested-With, Content-Type, Authorization
expires: Thu, 25 Jul 2024 23:46:12 GMT

GET
H3 200 marketplace-styles.css Show response
ivanti.savings.workingadvantage.com/api/ivanti/ 26 KB
5 KB 526ms
526ms XHR
text/css 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/api/ivanti/marketplace-styles.css

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387006aa5244bfc36ba4019bb75934c47e9666c4ff9a92e20ba21b52fba29202

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
tracestate: 88831@nr=0-1-2647367-1120218725-e085c752058a42a0----1721951172950
traceparent: 00-c57ce5c41f65ed6de33089552b212600-e085c752058a42a0-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6ImUwODVjNzUyMDU4YTQyYTAiLCJ0ciI6ImM1N2NlNWM0MWY2NWVkNmRlMzMwODk1NTJiMjEyNjAwIiwidGkiOjE3MjE5NTExNzI5NTAsInRrIjoiODg4MzEifX0=

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"69a5-DlOXQf+SnS+z1eCtfuwYfSPqNa4"
vary: Origin
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: http://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8a90072efb5a550f-SYD
access-control-allow-headers: Origin, Referer, X-Requested-With, Content-Type, Authorization
expires: Thu, 25 Jul 2024 23:46:12 GMT

GET
H3 200 colors.css Show response
ivanti.savings.workingadvantage.com/api/ivanti/ 3 KB
819 B 249ms
249ms XHR
text/css 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/api/ivanti/colors.css?scope=:root,app-logged-in,ngb-modal-window

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e0a80f7297b9cb7260a1ce3d02ea73fdbf048ea86ca36ee6ff5739f9d0d755

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
tracestate: 88831@nr=0-1-2647367-1120218725-73a8e5fa1b1f8157----1721951172950
traceparent: 00-6acb296eafc4869e16b66a966f684100-73a8e5fa1b1f8157-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjczYThlNWZhMWIxZjgxNTciLCJ0ciI6IjZhY2IyOTZlYWZjNDg2OWUxNmI2NmE5NjZmNjg0MTAwIiwidGkiOjE3MjE5NTExNzI5NTAsInRrIjoiODg4MzEifX0=

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"ab0-B++Apb4S77RhUj9cpzZxH0JHfyk"
vary: Origin
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: http://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8a90072efb5b550f-SYD
access-control-allow-headers: Origin, Referer, X-Requested-With, Content-Type, Authorization
expires: Thu, 25 Jul 2024 23:46:12 GMT

GET
H3

200

main.js Show response
ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/ Frame 235B
Redirect Chain

https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js?

8 KB
4 KB

14ms
14ms

Script
application/javascript

104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js?

Requested by

Protocol

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d79eba9fed78c62128eb6805bfcaeab86806a795177cb8c1b581923f16c2b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:12 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8a90072f0b72550f-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 25 Jul 2024 23:46:12 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8a90072efb5e550f-SYD
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
107 B 158ms
157ms XHR
text/plain 142.250.66.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=495856593&t=pageview&_s=1&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta&ul=en-au&de=UTF-8&dt=Beneplace%20Team%20Discounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1472536087&gjid=280277430&cid=2047781431.1721951172&tid=UA-2876877-9&_gid=1161490962.1721951173&_r=1&_slc=1&gtm=45He47o0n815QN8HWMv78847533za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=447047037

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg12s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b017bfb984b00d66e38ede36599b6c5650d3bed3011fc37a6ff5f041b1aa1a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 23:46:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa.142f942f-1.239.1.min.js Show response
js-agent.newrelic.com/ 75 KB
24 KB 312ms
2ms Script
application/javascript 162.247.243.39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.142f942f-1.239.1.min.js

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.247.243.39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: sn0IxCI.MkvNIiRAoqe.awP2R5evqDa4
content-encoding: br
via: 1.1 varnish
date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2K2J0NPSJD07NNSA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 23581
x-amz-id-2: 5OeuVFTMZqcKmGOouUYx6Oczt6k+dfn8Yyt4YiUy6Bz/qTvcrWUIqc5m2NSLGU6wPDkbSZxgbOk=
x-served-by: cache-syd10140-SYD
last-modified: Wed, 18 Oct 2023 21:33:59 GMT
server: AmazonS3
etag: "929044c7a94ad93d4583f5b62538f46a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1214

GET
H3 200 favicon.ico
ivanti.savings.workingadvantage.com/ 9 KB
3 KB 217ms
217ms Other
text/html 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8382011628070547c8c21a3b9848baf7101dd987f31d9eba0d1a833a9ca37c12

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified: Thu, 18 Jul 2024 10:47:28 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=utf-8
cf-ray: 8a90072f1b76550f-SYD
alt-svc: h3=":443"; ma=86400

POST
H3 200 8a900723db4b550f Show response
ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 235B 0
447 B 28ms
25ms XHR
text/plain 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a900723db4b550f

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8a90072f9bdc550f-SYD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
96 KB 121ms
121ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2K753Z6D0L&cx=c&_slc=1

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

2d01e02062c20ef3143004420c0ab5487a7e80992959c05abd7771e2b9d554ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Thu, 25 Jul 2024 23:46:13 GMT

GET
H3 200 ivanti Show response
ivanti.savings.workingadvantage.com/api/controls/ 997 B
908 B 281ms
280ms XHR
application/json 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/api/controls/ivanti

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1632a8200468ed5c029f578c9e977251a3ea0e46c2d361d3cfe55487b8f750

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
tracestate: 88831@nr=0-1-2647367-1120218725-1a08b797aa708dac----1721951173212
traceparent: 00-2c769a125ef533286b0cdc2c73fec900-1a08b797aa708dac-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjFhMDhiNzk3YWE3MDhkYWMiLCJ0ciI6IjJjNzY5YTEyNWVmNTMzMjg2YjBjZGMyYzczZmVjOTAwIiwidGkiOjE3MjE5NTExNzMyMTIsInRrIjoiODg4MzEifX0=

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"3e5-/4+gDMZIBxQ74K7O86EUHccGXBs"
vary: Origin
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8a9007309c8e550f-SYD
access-control-allow-headers: Origin, Referer, X-Requested-With, Content-Type, Authorization
expires: Thu, 25 Jul 2024 23:46:12 GMT

POST
H/1.1 200 NRJS-2ebdf5b38afbaafd48e Show response
bam.nr-data.net/1/ 151 B
680 B 921ms
911ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-2ebdf5b38afbaafd48e?a=1120218725&sa=1&v=1.239.1&t=Unnamed%20Transaction&rst=3077&ck=0&s=991d1dc0cf7071a9&ref=https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5&af=err,xhr,stn,ins,spa&be=1187&fe=1560&dc=1543&perf=%7B%22timing%22:%7B%22of%22:1721951170223,%22n%22:0,%22f%22:933,%22dn%22:933,%22dne%22:943,%22c%22:943,%22s%22:943,%22ce%22:954,%22rq%22:954,%22rp%22:1187,%22rpe%22:1190,%22di%22:1476,%22ds%22:2728,%22de%22:2730,%22dc%22:2745,%22l%22:2745,%22le%22:2747%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 889400be70a8ed911d67aa43a14fb97973de76e03724d4c82c002e25a168ecad

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
server: envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
access-control-expose-headers: Date
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://ivanti.savings.workingadvantage.com
Content-Length: 151
x-served-by: cache-syd10145-SYD

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 169ms
169ms Fetch
text/plain 142.250.66.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2K753Z6D0L&gtm=45je47o0v9126564266za200&_p=1721951171439&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-au&sr=1600x1200&cid=2047781431.1721951172&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AhAI&_s=1&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta&dt=Beneplace%20Team%20Discounts&sid=1721951173&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3279
Requested by: Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.66.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg12s28-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 23:46:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

204

https://www.google-analytics.com/g/collect?v=2&tid=G-2K753Z6D0L&gtm=45je47o0v9126564266za200&_p=1721951171439&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-au&sr=1600x1200&cid=2047781431.172195...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2047781431.1721951172&dbk=4011491630313697110&dma=0&en=offer_page_viewed&gtm=45je47o0v9126564266za200&npa=0&tid=G-2K753...

0
0

163ms
163ms

Fetch
text/plain

142.250.66.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2047781431.1721951172&dbk=4011491630313697110&dma=0&en=offer_page_viewed&gtm=45je47o0v9126564266za200&npa=0&tid=G-2K753Z6D0L&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%3F
Protocol: H3
Server: 142.250.66.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg12s28-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 23:46:13 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 23:46:13 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2047781431.1721951172&dbk=4011491630313697110&dma=0&en=offer_page_viewed&gtm=45je47o0v9126564266za200&npa=0&tid=G-2K753Z6D0L&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 487
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 260.0ef548da95a62a47.js Show response
ivanti.savings.workingadvantage.com/ 168 KB
32 KB 225ms
225ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/260.0ef548da95a62a47.js

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aa7e8bf3c468e0d954e14dd1fcf358bb3bf1bc43432c7592330e2a0b424c43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
etag: W/"6698f2b6-29f06"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ivanti.savings.workingadvantage.com, https://ivanti.savings.workingadvantage.com
access-control-allow-credentials: true, true
cf-ray: 8a9007329e0f550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 40.8fdcb779bb5b3e7b.js Show response
ivanti.savings.workingadvantage.com/ 239 KB
47 KB 225ms
225ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/40.8fdcb779bb5b3e7b.js

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

774f8dab811e94cf77ff63f40b726c7773c49311c95723b338f473ddaec01a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
Origin: https://ivanti.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Jul 2024 10:47:18 GMT
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
etag: W/"6698f2b6-3bdfe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ivanti.savings.workingadvantage.com, https://ivanti.savings.workingadvantage.com
access-control-allow-credentials: true, true
cf-ray: 8a9007329e13550f-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 ivanti_favicon_01.png
wag3.savings.workingadvantage.com/uploads/ 255 B
464 B 262ms
250ms Other
image/png 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wag3.savings.workingadvantage.com/uploads/ivanti_favicon_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2a0462413435253c1d881e19031d9974b3aec9e6528fd0c74197f4bb4739c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Feb 2024 19:23:53 GMT
server: cloudflare
etag: "65e0d9c9-ff"
content-type: image/png
cache-control: public, max-age=2592000, s-maxage=600
accept-ranges: bytes
cf-ray: 8a900732be36550f-SYD
alt-svc: h3=":443"; ma=86400
content-length: 255

GET
H3 401 dlk-compare Show response
ivanti.savings.workingadvantage.com/api/known/ 182 B
516 B 434ms
434ms XHR
application/json 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/api/known/dlk-compare?guid=cirq6qg2zgxvnkpwrjhm0x49r

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

170287bbbfc14739c9b3aa6ce30abb0669d418f01118028f4b06c198fdbdde1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
tracestate: 88831@nr=0-1-2647367-1120218725-4062006b0a2f13e1----1721951173787
traceparent: 00-e13b10d28e3def493566f8200cc7a500-4062006b0a2f13e1-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjQwNjIwMDZiMGEyZjEzZTEiLCJ0ciI6ImUxM2IxMGQyOGUzZGVmNDkzNTY2ZjgyMDBjYzdhNTAwIiwidGkiOjE3MjE5NTExNzM3ODcsInRrIjoiODg4MzEifX0=

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by
etag: W/"b6-lGFIUF59ZyAYAhOl/ILN9N2OvBU"
vary: Origin
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ivanti.savings.workingadvantage.com
cf-ray: 8a9007342f80550f-SYD
access-control-allow-headers: Origin, Referer, X-Requested-With, Content-Type, Authorization
content-length: 182
alt-svc: h3=":443"; ma=86400

GET
H3 200 info
ivanti.savings.workingadvantage.com/api/ 8 KB
3 KB 432ms
432ms XHR
application/json 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ivanti.savings.workingadvantage.com/api/info?authInfo=true

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/assets/new-relic/new-relic-integration.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://ivanti.savings.workingadvantage.com/offers/6SZ6y4C0jZhifkn9VakBi5?ebldr_form=2.01&DLK=cirq6qg2zgxvnkpwrjhm0x49r&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&utm_medium=July-25-2024-Samsung&utm_source=email&conv_source=zeta
tracestate: 88831@nr=0-1-2647367-1120218725-55b3c3d64492169a----1721951173790
traceparent: 00-7d8486bcc85669eff6aa54c63b4d1300-55b3c3d64492169a-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2NDczNjciLCJhcCI6IjExMjAyMTg3MjUiLCJpZCI6IjU1YjNjM2Q2NDQ5MjE2OWEiLCJ0ciI6IjdkODQ4NmJjYzg1NjY5ZWZmNmFhNTRjNjNiNGQxMzAwIiwidGkiOjE3MjE5NTExNzM3OTAsInRrIjoiODg4MzEifX0=

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"21c6-WdUQgrDRNdCkv6i8ZblLZfqwIBA"
vary: Origin
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ivanti.savings.workingadvantage.com
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8a9007343f82550f-SYD
access-control-allow-headers: Origin, Referer, X-Requested-With, Content-Type, Authorization
expires: Thu, 25 Jul 2024 23:46:12 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 145ms
145ms Image
image/gif 142.250.66.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=495856593&t=pageview&_s=1&dl=https%3A%2F%2Fivanti.savings.workingadvantage.com%2F&ul=en-au&de=UTF-8&dt=Ivanti%27s%20Savings%20Marketplace&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=2047781431.1721951172&tid=UA-2876877-9&_gid=1161490962.1721951173&gtm=45He47o0n815QN8HWMv78847533za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=806812185

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg12s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 10:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ivanti_favicon_01.png
wag3.savings.workingadvantage.com/uploads/ 255 B
0 0ms
0ms Other
image/png 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wag3.savings.workingadvantage.com/uploads/ivanti_favicon_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2a0462413435253c1d881e19031d9974b3aec9e6528fd0c74197f4bb4739c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Feb 2024 19:23:53 GMT
server: cloudflare
etag: "65e0d9c9-ff"
content-type: image/png
cache-control: public, max-age=2592000, s-maxage=600
accept-ranges: bytes
cf-ray: 8a900732be36550f-SYD
alt-svc: h3=":443"; ma=86400
content-length: 255

GET
H2 429 Primary Request authorize Show response
auth.savings.workingadvantage.com/auth/ 22 KB
23 KB 42ms
18ms Document
text/html 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta

Requested by

Host: ivanti.savings.workingadvantage.com
URL: https://ivanti.savings.workingadvantage.com/main.70fb8f563f51f0cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d24f6f1341e8448bd7322d54eeab6013a646a6d00fa3cb078c54f29d352a83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ivanti.savings.workingadvantage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: JrtO6f3o8GxSdzgi6hrdjW/UmaoRIe9NGKpkcpViKzACN38/44SGkuyIDLBVoyeOXKidNhWNi8PgA/ZeLGvF9HpMmrGqx83NJ+jJNhz4DJEyLE/Mffy/wFmI804v6vBMi66x3UjBw47Di6LPg1p1Jg==$+D2x10ZPR3oQQj10TIE7ZQ==
cf-mitigated: challenge
cf-ray: 8a9007371b77aaf5-SYD
content-length: 22288
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 25 Jul 2024 23:46:14 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
vary: Accept-Encoding
x-content-options: nosniff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST NRJS-2ebdf5b38afbaafd48e
bam.nr-data.net/events/1/ 0
0

GET
H2 200 v1 Show response
auth.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 85 KB
33 KB 17ms
16ms Script
application/javascript 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a9007371b77aaf5

Requested by

Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7189f3f6d4247d581d3bb8a6b65085c2e0ccfae87d6d6ef4178ade2396c0a8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta&__cf_chl_rt_tk=g_XqSdoiLRpOeTH6LOUmG6vEN8OTH3kkrLZx5ISCv7M-1721951174-0.0.1.1-8190
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8a9007376c03aaf5-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/2db5e1cc2adc/ 43 KB
15 KB 31ms
12ms Script
application/javascript 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/2db5e1cc2adc/api.js?onload=Vyhu1&render=explicit
Requested by: Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a9007371b77aaf5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b5459d6a0d4ca0cdfd93840f0118f3155a982404caf5d096ce99d78f1bfb7e

Request headers

Referer
Origin: https://auth.savings.workingadvantage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 12:13:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy: cross-origin
cf-ray: 8a900737b9f9572f-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
auth.savings.workingadvantage.com/ 10 KB
10 KB 242ms
242ms Image
text/html 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.savings.workingadvantage.com/favicon.ico

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
last-modified: Thu, 18 Jul 2024 10:50:00 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=utf-8
cf-ray: 8a900737ab5baaf9-SYD
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK bf52bd58-edb8-44df-a9d0-b869af45ab89
https://auth.savings.workingadvantage.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://auth.savings.workingadvantage.com/bf52bd58-edb8-44df-a9d0-b869af45ab89
Requested by: Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Referer: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 81ddb9aad17f5fb Show response
auth.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/flow/ov1/674053437:1721948977:wn3mwSkDMKJjku-ZrG4Easly-1Seutq8xqpqnlpzCc4/8a9007371b77aaf5/ 16 KB
13 KB 34ms
32ms XHR
text/plain 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/flow/ov1/674053437:1721948977:wn3mwSkDMKJjku-ZrG4Easly-1Seutq8xqpqnlpzCc4/8a9007371b77aaf5/81ddb9aad17f5fb

Requested by

Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a9007371b77aaf5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

218ffd94cdfbf4e9f74cd1533ea6dd146dfff305f8fed33498c8132e6cad4e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
CF-Challenge: 81ddb9aad17f5fb
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8a9007385c05aaf9-SYD
alt-svc: h3=":443"; ma=86400
cf-chl-gen: Y4GJTDbEw/jQ3eDcbrKXz8s1zf7gK90VKgzF6AiRUvI98uqYESYinpzFEC5RxPiTQrGnYnw0Ww==$MPYC+ZhvqGxOAQyT

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8810i/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame DD76 0
0 15ms
13ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8810i/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/2db5e1cc2adc/api.js?onload=Vyhu1&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8a900738cc495735-SYD
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 23:46:14 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
BLOB 200
OK 0b1f4ac1-c3d9-4010-a7df-1d9e851402ba
https://auth.savings.workingadvantage.com/ 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://auth.savings.workingadvantage.com/0b1f4ac1-c3d9-4010-a7df-1d9e851402ba
Requested by: Host: auth.savings.workingadvantage.com
URL: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Referer: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

GET
H3 200 favicon.ico
auth.savings.workingadvantage.com/ 10 KB
0 0ms
0ms Other
text/html 104.18.16.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.savings.workingadvantage.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264d2804f2995d0e8acb83aaa9b526dbed46b662b748a2d257b14abb32a758ae

Security Headers

Name	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 23:46:14 GMT
content-security-policy: frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Jul 2024 10:50:00 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=utf-8
cf-ray: 8a900737ab5baaf9-SYD
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/NRJS-2ebdf5b38afbaafd48e?a=1120218725&sa=1&v=1.239.1&t=Unnamed%20Transaction&rst=4011&ck=0&s=991d1dc0cf7071a9&ref=https://ivanti.savings.workingadvantage.com/

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.workingadvantage.com/	1970-01-20 22:19:12	Name: __cf_bm Value: nJtUEO47ZTHJfnHCJiAE3nm8jhgIdh3QKIic8FH2Q8k-1721951171-1.0.1.1-sV5xWAUM.9_ChRK1JASN1fmPfHHBJCkYR1.6NrC7vFZ3JAEVZJaNAYtilIf.3lINhj0ATk5HZBPPSLvqnzljWQ
.workingadvantage.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 7K_jDRViYaONrOHSnfe6UzMJb.dqRc2N17LcmluOgnM-1721951171409-0.0.1.1-604800000
.workingadvantage.com/	1970-01-21 07:55:11	Name: _ga Value: GA1.2.2047781431.1721951172
.workingadvantage.com/	1970-01-20 22:20:37	Name: _gid Value: GA1.2.1161490962.1721951173
.workingadvantage.com/	1970-01-20 22:19:11	Name: _gat_UA-2876877-9 Value: 1
.workingadvantage.com/	1970-01-21 07:04:47	Name: cf_clearance Value: qLQZL8v8pKecL9GDZSSPju4YAk0_Ht5fRkPIO462mm8-1721951173-1.0.1.1-pGYR7_J_Vy1Gt.TvL_BOATV9aLp8308VJ.xHKhrpGzNk5MFXUlts.Frg0zwjb63Gww_T1G8UgX49huWrN8ZXkQ
.workingadvantage.com/	1970-01-21 07:55:11	Name: _ga_2K753Z6D0L Value: GS1.2.1721951173.1.1.1721951173.0.0.0
.workingadvantage.com/	1970-01-21 07:55:11	Name: _ga_FD2X5ZMELR Value: GS1.1.1721951172.1.0.1721951174.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ivanti.savings.workingadvantage.com/api/known/dlk-compare?guid=cirq6qg2zgxvnkpwrjhm0x49r Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://auth.savings.workingadvantage.com/auth/authorize?subdomain=ivanti&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=July-25-2024-Samsung&utm_campaign=samsung-hero-cta&utm_content=samsung-hero-cta&redirect_uri=https%3A%2F%2Fivanti.savings.workingadvantage.com%2Foffers%2F6SZ6y4C0jZhifkn9VakBi5%3Febldr_form%3D2.01%26DLK%3Dcirq6qg2zgxvnkpwrjhm0x49r%26utm_campaign%3Dsamsung-hero-cta%26utm_content%3Dsamsung-hero-cta%26utm_medium%3DJuly-25-2024-Samsung%26utm_source%3Demail%26conv_source%3Dzeta Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src .beneplace.com: .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com .libertymutual.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' .beneplace.com:* .workingadvantage.com: .ebgsolutions.com: .demdex.net: .everesttech.net: .adobedtm.com .sc.omtrdc.net .omtrdc.net .qualtrics.com .adobe.com .keen.io .youtube.com .kaltura.com *.libertymutual.com
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
auth.savings.workingadvantage.com
bam.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
challenges.cloudflare.com
e.email.workingadvantage.com
fonts.gstatic.com
ivanti.savings.workingadvantage.com
js-agent.newrelic.com
maps.googleapis.com
wag3.savings.workingadvantage.com
www.google-analytics.com
www.googletagmanager.com
bam.nr-data.net
104.17.25.14
104.18.16.216
104.18.94.41
104.18.95.41
142.250.66.110
142.251.222.195
151.101.129.229
162.247.243.29
162.247.243.39
172.217.167.74
172.217.24.40
23.55.11.47
96.47.20.26
00facad439dc5713052a85c97ea462ffd397305fe876ecec1e7c2b6045081677
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
170287bbbfc14739c9b3aa6ce30abb0669d418f01118028f4b06c198fdbdde1d
218ffd94cdfbf4e9f74cd1533ea6dd146dfff305f8fed33498c8132e6cad4e32
264d2804f2995d0e8acb83aaa9b526dbed46b662b748a2d257b14abb32a758ae
2b93f425b2b4716274b4d379fa45a6ee78ecffa8a56eb73b1451a02d4c38d40a
2d01e02062c20ef3143004420c0ab5487a7e80992959c05abd7771e2b9d554ea
2d79eba9fed78c62128eb6805bfcaeab86806a795177cb8c1b581923f16c2b4d
387006aa5244bfc36ba4019bb75934c47e9666c4ff9a92e20ba21b52fba29202
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4f38141aa44e94f18b8a6169d2dace200f71c72f822456b2c8fa2d7d80c5fbaf
5cfc3f3713b33443b41b23c86118231cfd4d92829c1e6ca39ac9b323b1b170c1
6a3375cf40316f4f32450a821eea1df64bf0de1ac4a9304828a89c38e455e226
6d24f6f1341e8448bd7322d54eeab6013a646a6d00fa3cb078c54f29d352a83e
7189f3f6d4247d581d3bb8a6b65085c2e0ccfae87d6d6ef4178ade2396c0a8af
74effdf41f41c2986e2cc4763417d3831076632357e4e2cb60c2e0f0dd7e3c29
774f8dab811e94cf77ff63f40b726c7773c49311c95723b338f473ddaec01a54
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8382011628070547c8c21a3b9848baf7101dd987f31d9eba0d1a833a9ca37c12
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
889400be70a8ed911d67aa43a14fb97973de76e03724d4c82c002e25a168ecad
90e76d97d19465bb3b2bd5fbdaa93518630280f5f64d785b90a96014aa6cd7b3
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
97e0a80f7297b9cb7260a1ce3d02ea73fdbf048ea86ca36ee6ff5739f9d0d755
9aa7e8bf3c468e0d954e14dd1fcf358bb3bf1bc43432c7592330e2a0b424c43d
9af85b217a4af6f4e39d1de22bc6fbafa56266e715e02ae3ad8901c9b1235574
b017bfb984b00d66e38ede36599b6c5650d3bed3011fc37a6ff5f041b1aa1a8b
b1b5459d6a0d4ca0cdfd93840f0118f3155a982404caf5d096ce99d78f1bfb7e
bc49c009b33e66a59f057cf4ada682b80d4401d919ddf0f8d3ef2bb0415f0b23
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c5135057d3089a6b70e2655bb8474152f126ba812de365a75f09263cac572412
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b
cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
dca642b6c28a854ba1614e67bc09527468b0fb563f7cfd41d215d7142a363eb5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400
fc1632a8200468ed5c029f578c9e977251a3ea0e46c2d361d3cfe55487b8f750
fc2a0462413435253c1d881e19031d9974b3aec9e6528fd0c74197f4bb4739c5
fe3908a6d2b7668530e1bec0afcf8e8173d3c4fa50eb2bf0af7848766917a344

auth.savings.workingadvantage.com Open in urlscan Pro 104.18.16.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

90 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

13 IPs

3 Countries

2004 kBTransfer

8255 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.savings.workingadvantage.com Open in urlscan Pro
104.18.16.216 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

90 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

2004 kB
Transfer

8255 kB
Size

8
Cookies

49 HTTP transactions
1 data transactions