urlscan.io logo urlscan.io
SecurityTrails logo

msgs.workhealthgroup.com.au Open in urlscan Pro
13.55.47.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://msgs.workhealthgroup.com.au/s/0Rl4XwJG
Effective URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Submission: On February 06 via manual from JP — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 31 HTTP transactions. The main IP is 13.55.47.153, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is msgs.workhealthgroup.com.au.
This is the only time msgs.workhealthgroup.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.55.47.153 16509 (AMAZON-02)
10 18.67.111.107 16509 (AMAZON-02)
1 54.231.228.112 16509 (AMAZON-02)
2 142.251.221.74 15169 (GOOGLE)
2 142.250.204.10 15169 (GOOGLE)
1 13.224.181.128 16509 (AMAZON-02)
1 142.251.221.67 15169 (GOOGLE)
3 142.250.71.78 15169 (GOOGLE)
3 142.250.66.227 15169 (GOOGLE)
2 142.251.175.157 15169 (GOOGLE)
1 142.250.204.8 15169 (GOOGLE)
1 172.217.167.100 15169 (GOOGLE)
2 172.217.24.35 15169 (GOOGLE)
1 216.239.34.181 15169 (GOOGLE)
31 14
2    13.55.47.153 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-47-153.ap-southeast-2.compute.amazonaws.com
msgs.workhealthgroup.com.au
10    18.67.111.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-107.syd62.r.cloudfront.net
cdn-au.whispir.com
1    54.231.228.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    142.251.221.74 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
ajax.googleapis.com
2    142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net
fonts.googleapis.com
1    13.224.181.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-128.syd1.r.cloudfront.net
cdn-it.whispir.it
1    142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
fonts.gstatic.com
3    142.250.71.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f14.1e100.net
www.google-analytics.com
3    142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net
fonts.gstatic.com
2    142.251.175.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net
stats.g.doubleclick.net
1    142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com
1    172.217.167.100 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net
www.google.com
2    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f35.1e100.net
www.google.com.au
1    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
Apex Domain
Subdomains		 Transfer
10 whispir.com
cdn-au.whispir.com
103 KB
4 gstatic.com
fonts.gstatic.com
96 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
73 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29183
515 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
670 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
417 B
2 workhealthgroup.com.au
msgs.workhealthgroup.com.au
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
82 KB
1 whispir.it
cdn-it.whispir.it
131 KB
1 amazonaws.com
s3.amazonaws.com
11 KB
31 11
Domain Requested by
10 cdn-au.whispir.com msgs.workhealthgroup.com.au
4 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com msgs.workhealthgroup.com.au
www.google-analytics.com
2 www.google.com.au
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 fonts.googleapis.com cdn-au.whispir.com
ajax.googleapis.com
2 ajax.googleapis.com msgs.workhealthgroup.com.au
2 msgs.workhealthgroup.com.au 1 redirects
1 analytics.google.com www.googletagmanager.com
1 www.google.com
1 www.googletagmanager.com www.google-analytics.com
1 cdn-it.whispir.it msgs.workhealthgroup.com.au
1 s3.amazonaws.com msgs.workhealthgroup.com.au
31 13

This site contains no links.

Subject Issuer Validity Valid
*.whispir.com
Amazon RSA 2048 M02		 2023-03-19 -
2024-04-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.whispir.it
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Frame ID: 7FAEC025F3C420032B08DB60962C53D9
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://msgs.workhealthgroup.com.au/s/0Rl4XwJG HTTP 302
    http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

31
Requests

68 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

533 kB
Transfer

1047 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://msgs.workhealthgroup.com.au/s/0Rl4XwJG HTTP 302
    http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 22
  • http://www.google-analytics.com/collect?v=1&_v=j101&a=783670443&t=pageview&_s=2&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=richmessage&cs=richmessage&cm=richmessage&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=233426206.1707257417&tid=UA-7856627-24&_gid=1994867308.1707257417&z=1855973878 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j101&a=783670443&t=pageview&_s=2&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=richmessage&cs=richmessage&cm=richmessage&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=233426206.1707257417&tid=UA-7856627-24&_gid=1994867308.1707257417&z=1855973878

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request v.prtl
msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/
Redirect Chain
  • http://msgs.workhealthgroup.com.au/s/0Rl4XwJG
  • http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
66 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Server
13.55.47.153 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-47-153.ap-southeast-2.compute.amazonaws.com
Software
Apache / JSP/2.2
Resource Hash
a05c2213cc57ec1a06e8158f6efcb7248975c825df5e5cfd4b70f98310e61829

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-AU
Content-Length
14392
Content-Type
text/html;charset=UTF-8
Date
Tue, 06 Feb 2024 22:10:15 GMT
Expires
Tue, 06 Feb 2024 22:10:15 GMT
Server
Apache
Vary
Accept-Encoding
X-Powered-By
JSP/2.2

Redirect headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Feb 2024 22:10:15 GMT
Expires
Tue, 06 Feb 2024 22:10:15 GMT
Location
http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Server
Apache
style.css
cdn-au.whispir.com/jsp/portal/themes/rpm/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-au.whispir.com/jsp/portal/themes/rpm/css/style.css
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
d87e001ce378339b7bfdd24b2df1622cd98273a371cd27e5a8636322d61fab6e
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Content-Encoding
gzip
Via
1.1 26cfb3bc5100503427ae192845c72eca.cloudfront.net (CloudFront), 1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
Date
Tue, 06 Feb 2024 18:17:14 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
13981
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1336
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"184a-6100ab3c4cb00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Accept-Ranges
bytes
X-Amz-Cf-Id
soEuYyV3QwyFFw8TJqxPfR3hLi2ieuvbnSognumv5ljuNqMeun0kDQ==
Expires
Wed, 07 Feb 2024 02:17:14 GMT
jquery-1.8.2.min.js
cdn-au.whispir.com/jsp/portal/js/libs/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-au.whispir.com/jsp/portal/js/libs/jquery-1.8.2.min.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
79ea5004cb3eb74267af1d136f0db726cd3ed816da49012f653c9ce6640cc952
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Content-Encoding
gzip
Via
1.1 f59bca6f088aed7c4e862f051be29532.cloudfront.net (CloudFront), 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
Date
Tue, 06 Feb 2024 21:40:36 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
1791
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
33379
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"16cf8-6100ab3c4cb00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Accept-Ranges
bytes
X-Amz-Cf-Id
J_UHtW30_n9GG1BODM-TAaCSEfWsdsuWA-pUXvDhGtnzVBndaqgWHQ==
Expires
Wed, 07 Feb 2024 05:40:24 GMT
jquery.autosize-min.js
cdn-au.whispir.com/jsp/portal/js/libs/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-au.whispir.com/jsp/portal/js/libs/jquery.autosize-min.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
c89f6d81ab5f8b1bad380c736f441da65e2912d073244f927f4b149a3940afe3
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Content-Encoding
gzip
Via
1.1 7a7cbcc9a496cf341e54c90ad14e02d4.cloudfront.net (CloudFront), 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
Date
Tue, 06 Feb 2024 18:17:14 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
14033
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1032
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"7b8-6100ab3c4cb00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Accept-Ranges
bytes
X-Amz-Cf-Id
gCUMhkr_hMlWDFAKj_Vig9Kkq-qqSNoQr-DSM3dtgAdCtJ7DMV2FUQ==
Expires
Wed, 07 Feb 2024 02:16:22 GMT
underscore.js
cdn-au.whispir.com/jsp/common/framework/libs/underscore/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-au.whispir.com/jsp/common/framework/libs/underscore/underscore.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
9a5817f7577a26d172a3da7e844043b9f7a56e664cbaaa5d90d73a736585f72b
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Content-Encoding
gzip
Via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront), 1.1 899497b8fe71995dd517601bf8d5f77a.cloudfront.net (CloudFront)
Date
Tue, 06 Feb 2024 15:03:58 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
25577
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
10895
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"a5f7-6100ab3c4cb00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Accept-Ranges
bytes
X-Amz-Cf-Id
gyS5uT5X_kZl_WNizZjke8J4FaD_gfJ2mZ0pjXSSowd_AdJsFIzgvg==
Expires
Tue, 06 Feb 2024 23:03:58 GMT
v1.6.js
s3.amazonaws.com/content.whispir.com/public/template/lib/plugins/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s3.amazonaws.com/content.whispir.com/public/template/lib/plugins/v1.6.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Server
54.231.228.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8ce64a9bf1853d46c9c2a9e3e6ab8179ad7eea7d31e6c615ac0f78cd2aa83fe2

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:10:17 GMT
Last-Modified
Thu, 16 Nov 2023 03:59:31 GMT
Server
AmazonS3
x-amz-request-id
NKN44NNKVG8GR4WS
ETag
"2e0079bcab6eb66bb53fbf228251eefa"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
10583
x-amz-id-2
Drg+B0pDqrFWkJcJpB3K8zUPFFIgY8ULB/v8vg5BXGvRNbRqm+gWowC9lYbkolMKtxIwLeoKrPE=
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/ 		232 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/jquery-ui.min.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
sffe /
Resource Hash
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 22:54:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
342944
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
63638
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 01 Feb 2025 22:54:31 GMT
8832a901dd53ed731e4c5fbb4dbc9652519.jpg
cdn-au.whispir.com/public/resources/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-au.whispir.com/public/resources/8832a901dd53ed731e4c5fbb4dbc9652519.jpg
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
34bc38c7127c2b7cbb44811adb51d50339c4614b9565b987dc946592c46c184c
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront), 1.1 74ae22067fef6f6228fb9f864f22f58a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 02:32:26 GMT
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
70669
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16784
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 08 Oct 2019 01:07:08 GMT
Server
Apache
ETag
"4190-5945bc98dc700"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
ge4_xsxJo7r-Vrxzp6GOMQOUbZor-ykJonQBs173Ko9B54fUf43dxg==
Expires
Wed, 07 Feb 2024 02:32:26 GMT
default-component_level-styles.css
cdn-au.whispir.com/create/ 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-au.whispir.com/create/default-component_level-styles.css
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37b9a0a30eff61a4c4b949f35d751f15923b34e31199610e354fec85e5f50e30

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:10:16 GMT
Content-Encoding
Via
1.1 d3f1182213e75f053a9e7404f079d540.cloudfront.net (CloudFront)
Last-Modified
Fri, 16 Mar 2018 05:20:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P2
ETag
"f86e79f2ec6c721be75c6583ec36a503"
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11418
X-Amz-Cf-Id
KsQADvFxYSronNm-Uzr90RZeZOv8RdzWASyUkgFt7pasO2Za-miikw==
home.png
cdn-au.whispir.com/jsp/portal/themes/rpm/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-au.whispir.com/jsp/portal/themes/rpm/img/home.png
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
29adbe52e674a5f901236c0f2b7c611bb965b41128e675a9fb3aa71f5fc49706
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 02:31:10 GMT
Via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront), 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1800; includeSubDomains
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
70745
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3979
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"f8b-6100ab3c4cb00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
ZC5oJ81-Sbi6RjnrkIbGp-TO6JUPCeiof6wQ3gZwEtgW5tQ62dF4Rw==
Expires
Wed, 07 Feb 2024 02:31:10 GMT
respond.png
cdn-au.whispir.com/jsp/portal/themes/rpm/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-au.whispir.com/jsp/portal/themes/rpm/img/respond.png
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
ec302a79616290db97ebda0feeb0862f7531befa3d26291a06581e43ba28f468
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Via
1.1 1c8c09a2d2295d49b2248ce893dbb6c6.cloudfront.net (CloudFront), 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 10:30:14 GMT
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
42001
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1904
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"770-6100ab3c4cb00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
9h3RSrDIL7_oh0RF10LROeO-31sONw-TgfG5H7YAZCL6Q5wR6_jn6w==
Expires
Wed, 07 Feb 2024 10:30:14 GMT
comment.png
cdn-au.whispir.com/jsp/portal/themes/rpm/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-au.whispir.com/jsp/portal/themes/rpm/img/comment.png
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
809b0bd38eb3ce9b3262f643e0ea3ff86e19a444400d0add4a127e03de367d70
Security Headers
Name Value
Strict-Transport-Security max-age=1800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=1800; includeSubDomains
Via
1.1 e677c49086c9d85b00b0230e47b36ec0.cloudfront.net (CloudFront), 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 08:30:57 GMT
X-Amz-Cf-Pop
SYD1-C1, SYD62-P2
Age
49167
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1846
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 29 Jan 2024 00:26:52 GMT
Server
Apache
ETag
"736-6100ab3c4cb00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
g3PTUVR4V79fWvbZg6L03zr0U2E2_RJq82kMLqT5c2uGbNA0DZsIlA==
Expires
Wed, 07 Feb 2024 08:30:48 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 02:11:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
331108
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
5437
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 02 Feb 2025 02:11:48 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: cdn-au.whispir.com
URL: https://cdn-au.whispir.com/create/default-component_level-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-au.whispir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 22:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 21:50:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 22:10:16 GMT
5004437423fa20236779c2c78c399198b5415.png
cdn-it.whispir.it/public/resources/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-it.whispir.it/public/resources/5004437423fa20236779c2c78c399198b5415.png
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-128.syd1.r.cloudfront.net
Software
Apache /
Resource Hash
1e5a170021719e3d2c77a7d8479bced9e64d1335d2ef30afa17ff7f04c6b8b63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:18:04 GMT
Via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront), 1.1 7deef1b127ef20298bc2b899e7c84e4a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Amz-Cf-Pop
SYD62-P1, SYD1-C2
Age
78732
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
133382
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 02 Dec 2015 23:32:37 GMT
Server
Apache
ETag
"20906-525f2b080e886"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
yeNko8m2ox3yG1qqwj13vxODcGdFJ3arJ5a_TmTfHMjPxDJdIgyVyw==
Expires
Wed, 07 Feb 2024 00:18:04 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
HTTP/1.1
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
6300a3b2235e8f73c46b9cbf1baa0a967b39b794b8723ceb9b2b9f83353230a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:10:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 06 Feb 2024 22:10:16 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 06 Feb 2024 22:10:16 GMT
marker.png
cdn-au.whispir.com/create/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-au.whispir.com/create/images/marker.png
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-107.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129d4e6aa9cc15d02685d96fec104a3a3c03b439c25d7d3bd6c6d3aed6ba25f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:10:17 GMT
Content-Encoding
Via
1.1 d3f1182213e75f053a9e7404f079d540.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 Oct 2017 01:10:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P2
ETag
"e00be331071e0f0b79d2131d3a0efc10"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14905
X-Amz-Cf-Id
l84uaumtK3tAnpu-Ln9tZ2i0h3zEZHzIUdEd3U9o_JGIEeFKQe4TGg==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://msgs.workhealthgroup.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 15:21:39 GMT
x-content-type-options
nosniff
age
24517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 15:21:39 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
H2
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 21:52:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1054
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Feb 2024 23:52:42 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin
Protocol
HTTP/1.1
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://msgs.workhealthgroup.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 02:06:40 GMT
X-Content-Type-Options
nosniff
Age
331416
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15744
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:48 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 02 Feb 2025 02:06:40 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin
Protocol
HTTP/1.1
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://msgs.workhealthgroup.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 02:11:20 GMT
X-Content-Type-Options
nosniff
Age
331136
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15740
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:56 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 02 Feb 2025 02:11:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin
Protocol
HTTP/1.1
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://msgs.workhealthgroup.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 02:02:12 GMT
X-Content-Type-Options
nosniff
Age
331684
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15860
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:42 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 02 Feb 2025 02:02:12 GMT
collect
www.google-analytics.com/j/ 		16 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=783670443&t=event&_s=1&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=richmessage&cs=richmessage&cm=richmessage&ec=richmessage&ea=view&el=UHG%20Manager%20Satisfaction%20Survey&_u=YEBAAEABAAAAACAAI~&jid=1477808388&gjid=188173819&cid=233426206.1707257417&tid=UA-7856627-24&_gid=1994867308.1707257417&_r=1&_slc=1&z=1380794891
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
658335e454cb011be6564d39304e1c016bc21b7aa69c26eb5d66d9baa08b9711
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://msgs.workhealthgroup.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://msgs.workhealthgroup.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j101&a=783670443&t=pageview&_s=2&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&sr...
  • https://www.google-analytics.com/collect?v=1&_v=j101&a=783670443&t=pageview&_s=2&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&s...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=783670443&t=pageview&_s=2&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=richmessage&cs=richmessage&cm=richmessage&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=233426206.1707257417&tid=UA-7856627-24&_gid=1994867308.1707257417&z=1855973878
Requested by
Host: msgs.workhealthgroup.com.au
URL: http://msgs.workhealthgroup.com.au/portal/richmessage/0Rl4XwJG/v.prtl
Protocol
H2
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 10:18:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
42690
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j101&a=783670443&t=pageview&_s=2&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=richmessage&cs=richmessage&cm=richmessage&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=233426206.1707257417&tid=UA-7856627-24&_gid=1994867308.1707257417&z=1855973878
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
stats.g.doubleclick.net/j/ 		8 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7856627-24&cid=233426206.1707257417&jid=1477808388&gjid=188173819&_gid=1994867308.1707257417&_u=YEBAAEAAAAAAACAAI~&z=1314553914
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://msgs.workhealthgroup.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 06 Feb 2024 22:10:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://msgs.workhealthgroup.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8HZZVKPF01&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ba404b6326e4a6496000294efa2a57c638358761856f115e3dfa690622cd26b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 22:10:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84053
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Feb 2024 22:10:17 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7856627-24&cid=233426206.1707257417&jid=1477808388&_u=YEBAAEAAAAAAACAAI~&z=1097549832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:10:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7856627-24&cid=233426206.1707257417&jid=1477808388&_u=YEBAAEAAAAAAACAAI~&z=1097549832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:10:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8HZZVKPF01&gtm=45je41v0v9123186567za200&_p=1707257416955&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=233426206.1707257417&pscdl=noapi&_eu=ABAI&_s=1&dl=http%3A%2F%2Fmsgs.workhealthgroup.com.au%2Fportal%2Frichmessage%2F0Rl4XwJG%2Fv.prtl&cn=richmessage&cs=richmessage&cm=richmessage&sid=1707257417&sct=1&seg=0&en=view&_fv=1&_ss=1&_ee=1&ep.event_category=richmessage&ep.event_label=UHG%20Manager%20Satisfaction%20Survey&tfd=2135
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8HZZVKPF01&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:10:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://msgs.workhealthgroup.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8HZZVKPF01&cid=233426206.1707257417&gtm=45je41v0v9123186567za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8HZZVKPF01&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:10:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://msgs.workhealthgroup.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8HZZVKPF01&cid=233426206.1707257417&gtm=45je41v0v9123186567za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&z=23338811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://msgs.workhealthgroup.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:10:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| _ object| activityData function| sendResponse function| toggleResponseOptions object| Whispir object| WebFontConfig object| WebFont object| radiobuttons string| defaultSelections function| executeMapping29937084 function| formatDate function| getResults29937084 function| addAttachment object| attachments object| $cancelButton string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

5 Cookies

Domain/Path Name / Value
msgs.workhealthgroup.com.au/ Name: JSESSIONID
Value: w8b-d4H9-VdDcd-Tzdw2EdMB.iux11
.workhealthgroup.com.au/ Name: _ga
Value: GA1.3.233426206.1707257417
.workhealthgroup.com.au/ Name: _gid
Value: GA1.3.1994867308.1707257417
.workhealthgroup.com.au/ Name: _gat
Value: 1
.workhealthgroup.com.au/ Name: _ga_8HZZVKPF01
Value: GS1.3.1707257417.1.1.1707257417.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
cdn-au.whispir.com
cdn-it.whispir.it
fonts.googleapis.com
fonts.gstatic.com
msgs.workhealthgroup.com.au
s3.amazonaws.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
13.224.181.128
13.55.47.153
142.250.204.10
142.250.204.8
142.250.66.227
142.250.71.78
142.251.175.157
142.251.221.67
142.251.221.74
172.217.167.100
172.217.24.35
18.67.111.107
216.239.34.181
54.231.228.112
129d4e6aa9cc15d02685d96fec104a3a3c03b439c25d7d3bd6c6d3aed6ba25f6
1e5a170021719e3d2c77a7d8479bced9e64d1335d2ef30afa17ff7f04c6b8b63
29adbe52e674a5f901236c0f2b7c611bb965b41128e675a9fb3aa71f5fc49706
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
34bc38c7127c2b7cbb44811adb51d50339c4614b9565b987dc946592c46c184c
37b9a0a30eff61a4c4b949f35d751f15923b34e31199610e354fec85e5f50e30
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
6300a3b2235e8f73c46b9cbf1baa0a967b39b794b8723ceb9b2b9f83353230a1
658335e454cb011be6564d39304e1c016bc21b7aa69c26eb5d66d9baa08b9711
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
79ea5004cb3eb74267af1d136f0db726cd3ed816da49012f653c9ce6640cc952
809b0bd38eb3ce9b3262f643e0ea3ff86e19a444400d0add4a127e03de367d70
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ce64a9bf1853d46c9c2a9e3e6ab8179ad7eea7d31e6c615ac0f78cd2aa83fe2
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
9a5817f7577a26d172a3da7e844043b9f7a56e664cbaaa5d90d73a736585f72b
a05c2213cc57ec1a06e8158f6efcb7248975c825df5e5cfd4b70f98310e61829
ba404b6326e4a6496000294efa2a57c638358761856f115e3dfa690622cd26b6
c89f6d81ab5f8b1bad380c736f441da65e2912d073244f927f4b149a3940afe3
d87e001ce378339b7bfdd24b2df1622cd98273a371cd27e5a8636322d61fab6e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec302a79616290db97ebda0feeb0862f7531befa3d26291a06581e43ba28f468
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef