ng.guildcare.com.au Open in urlscan Pro
52.8.115.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ng.guildcare.com.au/projectcovid
Submission Tags: falconsandbox
Submission: On February 15 via api (February 15th 2022, 7:12:45 am UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 100 HTTP transactions. The main IP is 52.8.115.99, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is ng.guildcare.com.au.
TLS certificate: Issued by R3 on December 15th 2021. Valid for: 3 months.

This is the only time ng.guildcare.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.8.115.99 52.8.115.99	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:223... 2600:9000:223f:fe00:10:6fb5:2700:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	136.143.190.97 136.143.190.97	2639 (ZOHO-AS) (ZOHO-AS)
22	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.250.222 52.222.250.222	16509 (AMAZON-02) (AMAZON-02)
11	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
12	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
1	136.143.190.100 136.143.190.100	2639 (ZOHO-AS) (ZOHO-AS)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	24

2 52.8.115.99 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-115-99.us-west-1.compute.amazonaws.com

ng.guildcare.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:223f:fe00:10:6fb5:2700:21 (United States)

ASN16509 (AMAZON-02, US)

d2s3n99uw51hng.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.190.97 (United States)

ASN2639 (ZOHO-AS, US)

forms.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.250.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-222.fra60.r.cloudfront.net

d3r4tb575cotg3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

static.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.143.190.100 (United States)

ASN2639 (ZOHO-AS, US)

accounts.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
13	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 2631 f.vimeocdn.com — Cisco Umbrella Rank: 2731 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2642	421 KB
13	google.com www.google.com — Cisco Umbrella Rank: 2	158 KB
12	zohocdn.com static.zohocdn.com — Cisco Umbrella Rank: 22695	270 KB
11	cloudfront.net d2s3n99uw51hng.cloudfront.net d3r4tb575cotg3.cloudfront.net	2 MB
5	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1638 vimeo.com — Cisco Umbrella Rank: 1527	32 KB
3	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3078 track.hubspot.com — Cisco Umbrella Rank: 2223	3 KB
3	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6210	291 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4381 perf.hsforms.com — Cisco Umbrella Rank: 9306	3 KB
2	zohopublic.com forms.zohopublic.com — Cisco Umbrella Rank: 93455	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	guildcare.com.au ng.guildcare.com.au	29 KB
1	zoho.com accounts.zoho.com — Cisco Umbrella Rank: 27385	3 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5006	25 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	445 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2180	962 B
100	20

	Domain	Requested by
14	www.gstatic.com	www.google.com www.gstatic.com
13	www.google.com	ng.guildcare.com.au js.hsforms.net www.gstatic.com
12	static.zohocdn.com	forms.zohopublic.com
9	d2s3n99uw51hng.cloudfront.net	ng.guildcare.com.au
8	fonts.gstatic.com	fonts.googleapis.com ng.guildcare.com.au
6	i.vimeocdn.com	player.vimeo.com f.vimeocdn.com
5	f.vimeocdn.com	player.vimeo.com
4	player.vimeo.com	ng.guildcare.com.au
3	js.hsforms.net	ng.guildcare.com.au js.hsforms.net
3	fonts.googleapis.com	ng.guildcare.com.au js.hsforms.net
2	track.hubspot.com
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	d3r4tb575cotg3.cloudfront.net	ng.guildcare.com.au
2	forms.zohopublic.com	ng.guildcare.com.au forms.zohopublic.com
2	www.google-analytics.com	ng.guildcare.com.au www.google-analytics.com
2	ng.guildcare.com.au	ng.guildcare.com.au
1	accounts.zoho.com	forms.zohopublic.com
1	perf.hsforms.com	ng.guildcare.com.au
1	vimeo.com	f.vimeocdn.com
1	forms.hubspot.com	js.hscollectedforms.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	forms.hsforms.com	js.hsforms.net
1	www.google.de	ng.guildcare.com.au
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-scripts.com	ng.guildcare.com.au
100	27

This site contains links to these domains. Also see Links.

Domain
medicinesinformation.com.au
www.guilddigital.com.au
www.guildcareng.com.au
www.ppaonline.com.au
d3r4tb575cotg3.cloudfront.net

Subject Issuer	Validity	Valid
ng.guildcare.com.au R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-15` - `2022-10-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
zohopublic.com R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-02-12` - `2022-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-09-30`	a year	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-14` - `2022-05-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://ng.guildcare.com.au/projectcovid
Frame ID: 4E4AA35251118EFE0D813467DBAB3AC7
Requests: 38 HTTP requests in this frame

Frame: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM
Frame ID: E2D6E9E78B7F991E21ECC5B9E2DF83B2
Requests: 15 HTTP requests in this frame

Frame: https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: 9C5A13A6D5B74C7B4C66C064B7135099
Requests: 6 HTTP requests in this frame

Frame: https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: 9AA2DBE4FC89D5D16ECAACF4D9C7F5E2
Requests: 10 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: E4466581A170EE1E8D7BD11542C2FFCE
Requests: 3 HTTP requests in this frame

Frame: https://js.hsforms.net/forms-next/shell-recaptcha
Frame ID: C8E042F11004426417D9329B95C51F5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9uZy5ndWlsZGNhcmUuY29tLmF1OjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=fam7ui5nxmjp
Frame ID: C2FD4588EDF61807807AD2417053A25C
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 5F27B7E9CB4315A02F582D127648122B
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=pivqyqq34nq3
Frame ID: E7BCE1D158DA7FEC49F98AB4DC46B5FF
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: BAAABA125805955053AEA890B892B091
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProjectCOVID | GuildLinkBarsAngle Double Leftangle-downangle-downEnvelopePhoneTimes CircleTimes CircleTimes Circle

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

100
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

27
Subdomains

24
IPs

4
Countries

3972 kB
Transfer

9489 kB
Size

12
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://medicinesinformation.com.au/
Title: > Medicines Information

Search URL Search Domain Scan URL

URL: http://www.guilddigital.com.au/
Title: > Guild Digital

Search URL Search Domain Scan URL

URL: http://www.guildcareng.com.au/
Title: log in to GuildCare

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/wp-content/uploads/2022/01/Portal-User-Guide-Locating-your-PPA-Service-Provider-ID.pdf
Title: A

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/wp-content/uploads/2019/01/Portal-User-Guide-Initial-Registration.pdf
Title: Click here if you have not registered with PPA before

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/wp-content/uploads/2019/05/DVA-number-format-factsheet.pdf
Title: Tips on DVA numbers

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/wp-content/uploads/2022/01/CRTCA-Program-FAQs.pdf
Title: Program FAQs

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/wp-content/uploads/2022/01/CRTCA-Consumer-Privacy-and-Consent-Notice-low-ink.pdf
Title: Patient Privacy and Consent Notice

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/programs/covid-19-programs/covid-19-rapid-test-concessional-access
Title: CRTCA Program Homepage

Search URL Search Domain Scan URL

URL: https://www.ppaonline.com.au/wp-content/uploads/2022/01/CRTCA-Program-Rules.pdf
Title: CRTCA Program Rules

Search URL Search Domain Scan URL

URL: https://d3r4tb575cotg3.cloudfront.net/static/ProjectCOVID%20Userguide%20v2.pdf
Title: Download as PDF

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request projectcovid Show response
ng.guildcare.com.au/ 66 KB
11 KB 1098ms
427ms Document
text/html 52.8.115.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.guildcare.com.au/projectcovid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.8.115.99 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-115-99.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9d5b184d4932c729aec38cd649b06961cea64aff06d18ca587dbfb57d8bf8d4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 15 Feb 2022 07:12:38 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11031
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style
ng.guildcare.com.au/ 188 KB
18 KB 383ms
383ms Stylesheet
text/css 52.8.115.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.guildcare.com.au/style?site=18975&page=82&version=1.2254&rel=0024
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.8.115.99 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-115-99.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b67bf44e7b8499b538dbb08d3cbf19e5e24b1837ed5093b12640c80bc72ae185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/projectcovid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 07:12:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jan 1970 00:00:00 +0000
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 18157

GET
H2 200 viewjs0156.js Show response
d2s3n99uw51hng.cloudfront.net/min/ 317 KB
90 KB 55ms
8ms Script
application/javascript 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s3n99uw51hng.cloudfront.net/min/viewjs0156.js
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 833edecc63383a5a773a1ca9a8015c6674e2cd1376d869e5af92de331a994189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 07:54:16 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 08:49:54 GMT
server: AmazonS3
age: 15895103
etag: W/"241e5f6cb067024a324ef394c32b7a33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: XWXmp0aXTMHgg6_kvk11pKcczvyOnwSxYNF7PVOSxGtvuF1XLJu5ag==

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 135ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,400italic,700italic%7CRoboto:400,700,400italic,700italic%7CAllerta:400,700,400italic,700italic%7CPoppins:400,700,400italic,700italic

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d6556df2cbdcff6e600fabf4ef13ac7d850552c1a2e2382b3f08ebe31774beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 07:12:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 07:12:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 07:12:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 1003 B
492 B 135ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92538185f11c2023bd0a5e7030688eafbbc0e4a71886c2b6e608399f1ec8fb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 05:53:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 07:12:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 07:12:39 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 24ms
6ms Script
application/javascript 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

51b5a1e7190fac54504b07f6db88263acb092aa69400c40fda0100fc5f10e452

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1278
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-b-3
Content-Length: 5968
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4073-HHN
X-Player-Backend: p
Expires: Tue, 15 Feb 2022 07:21:21 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1644909159.095069,VS0,VE0
Date: Tue, 15 Feb 2022 07:12:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 2097

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 568 KB
145 KB 64ms
46ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

787d022badd142eb036e75ae72d3a750ab6b51318548ca031541433747fee6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 49
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Feb 2022 01:36:22 UTC
server: cloudflare
etag: W/"2ea56c6d3f9e2e290743211e2ecd17f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP17a%2BxeVjFSVjZwbo81nMhFZHU5kxjZKIJKqaRn75cfmDr5PuUp89UqJLY3Ltj8hOnCHN%2FHKvNGWpDV1osKU%2BGL7ao6%2FrmFZMSSR1cc3SWbQ4E9b4sKeXZjHlc6Jp1IlKMKrIHQNev%2BD4y6"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: YwwfPGWEpu5cANS1IqlTRhLK9QAbauzz
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6ddcbaa45e6d90fe-FRA
x-amz-cf-id: DE8T1dvtkEzbt2baesB8dgexMmq4X890h62iXC_7bhhbhliECH0CBw==
x-hs-target-asset: FormsNext/static-5.450/bundles/project_with_deps.js

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5865
date: Tue, 15 Feb 2022 05:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Feb 2022 07:34:54 GMT

GET
H2 200 scrollReveal0001.min.js Show response
d2s3n99uw51hng.cloudfront.net/min/ 8 KB
4 KB 51ms
7ms Script
application/javascript 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s3n99uw51hng.cloudfront.net/min/scrollReveal0001.min.js
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425e4ce16418ac80680d227bd317f46665e12886e3e37e034e5dd531b0e2901c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:54:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Jun 2018 01:51:53 GMT
server: AmazonS3
age: 25661875
etag: W/"f92bc882d422ea5da1cc0a0b3d05eed8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: yxFz7x-lLeP554PqU6satoma6dQk5GPXA1c4kKeae8X51DBbkyexyQ==

GET
H2 200 9029087.js Show response
js.hs-scripts.com/ 1 KB
962 B 155ms
137ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/9029087.js
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 679bf58174c8ecbedf1163cc871d1439a4fa99179d9d8f317ae8ae8ef205a396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: f3654635-61e7-4910-80d5-1762b696fca4
last-modified: Tue, 15 Feb 2022 07:12:39 GMT
server: cloudflare
x-trace: 2B2AC3B6F7EB4E2ADE906ADFC593624547B21B26E6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://ng.guildcare.com.au
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ddcbaa6098792b7-FRA
expires: Tue, 15 Feb 2022 07:13:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 46ms
46ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=7454310&t=pageview&_s=1&dl=https%3A%2F%2Fng.guildcare.com.au%2Fprojectcovid&ul=en-us&de=UTF-8&dt=ProjectCOVID%20%7C%20GuildLink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1185223150&gjid=36492682&cid=204776076.1644909159&tid=UA-91111010-1&_gid=1057320904.1644909159&_r=1&_slc=1&z=1197285239

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ng.guildcare.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 07:12:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ng.guildcare.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91111010-1&cid=204776076.1644909159&jid=1185223150&gjid=36492682&_gid=1057320904.1644909159&_u=IEBAAEAAAAAAAC~&z=1415118881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ng.guildcare.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 07:12:39 GMT
content-type: text/plain
access-control-allow-origin: https://ng.guildcare.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM Show response
forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/ Frame E2D6 97 KB
19 KB 686ms
356ms Document
text/html 136.143.190.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

afb817863e87f387bae94d77b0db46641f9ae8a31091e333a403cbebbc2654eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/

Response headers

Server: ZGS
Date: Tue, 15 Feb 2022 07:12:40 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
vary: accept-encoding
Content-Encoding: gzip
Content-Language: de-DE
Strict-Transport-Security: max-age=63072000

GET
H/1.1 200
OK 668606541 Show response
player.vimeo.com/video/ Frame 9C5A 15 KB
9 KB 135ms
134ms Document
text/html 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d3b5f7df2c879f10f0def4475c707d889fc7a860ed809ff91035b48d263610fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/

Response headers

Connection: keep-alive
Content-Length: 5504
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Tue, 15 Feb 2022 07:17:49 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-b-7
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Tue, 15 Feb 2022 07:12:39 GMT
Age: 0
X-Served-By: cache-hhn4073-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1644909159.478015,VS0,VE127
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 corners-base.jpg
d2s3n99uw51hng.cloudfront.net/static/ 338 KB
339 KB 8ms
8ms Image
image/jpeg 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/corners-base.jpg
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1294852a9105d97adca4bc12c43b36b2cfa347f837ca7b9f755dcddbfab36f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:24:49 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jan 2022 12:51:49 GMT
server: AmazonS3
age: 2321271
etag: "f758b59917106b9f92c8e22bebd653a5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 346511
x-amz-cf-id: l_sGrbF1yIxkrIWIsgg0jcN-PtSS8-ophRZpilhtnIzuwvRbcaKUzA==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 176ms
91ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,400italic,700italic%7CRoboto:400,700,400italic,700italic%7CAllerta:400,700,400italic,700italic%7CPoppins:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:15 GMT
x-content-type-options: nosniff
age: 474144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 183ms
98ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:58:52 GMT
x-content-type-options: nosniff
age: 335627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 09:58:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 479780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 133ms
49ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 336276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 09:48:03 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 163ms
83ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:15 GMT
x-content-type-options: nosniff
age: 474144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:15 GMT

GET
H2 200 GuildLink-logo-NEG-504-01.png
d2s3n99uw51hng.cloudfront.net/static/ 5 KB
5 KB 8ms
7ms Image
image/png 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/GuildLink-logo-NEG-504-01.png
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe3ff0a54ccdf8f85f6b3b213ad94793bbfa93008412819995ff34f265905e64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 15:12:14 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Thu, 27 Aug 2020 08:31:06 GMT
server: AmazonS3
age: 2476826
etag: "ff8c23a7d543b3fcba3831ecae4c4163"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 5036
x-amz-cf-id: DKZru4NoFKsTvaJctbZXTQZ4sTLiX99xrZ_3Pdd0_3mEtsbZ4ID1gw==

GET
H2 200 ProjectCOVID%20nobkg.png
d2s3n99uw51hng.cloudfront.net/static/ 6 KB
6 KB 8ms
8ms Image
image/png 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/ProjectCOVID%20nobkg.png
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 828888e371bbfabc4ba64ee0d626b572d5365466c60338f4e8556fd9cff22940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:24:50 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jan 2022 12:54:02 GMT
server: AmazonS3
age: 2321270
etag: "205cd81cae19b561bfbc6138056283a7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 5758
x-amz-cf-id: w7EC2YhKdeECHpn2L5y20OKktc9RiT4ZcQMTsYIlId4JC8vn-YAkKg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 140ms
51ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91111010-1&cid=204776076.1644909159&jid=1185223150&_u=IEBAAEAAAAAAAC~&z=1558667284

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 07:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 141ms
53ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91111010-1&cid=204776076.1644909159&jid=1185223150&_u=IEBAAEAAAAAAAC~&z=1558667284

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 07:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 669099020 Show response
player.vimeo.com/video/ Frame 9AA2 16 KB
9 KB 132ms
119ms Document
text/html 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5a0304f4728f997676f9a4604fd2c2c522bba04baa936a820ee5de1e345bbb8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/

Response headers

Connection: keep-alive
Content-Length: 5544
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Tue, 15 Feb 2022 07:20:04 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-b-10
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Tue, 15 Feb 2022 07:12:39 GMT
Age: 0
X-Served-By: cache-hhn4073-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1644909160.522892,VS0,VE113
Vary: Accept-Encoding
X-Player-Backend: p

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 19ms
6ms Script
application/javascript 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

51b5a1e7190fac54504b07f6db88263acb092aa69400c40fda0100fc5f10e452

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1277
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-b-3
Content-Length: 5968
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4023-HHN
X-Player-Backend: p
Expires: Tue, 15 Feb 2022 07:21:21 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1644909160.525967,VS0,VE0
Date: Tue, 15 Feb 2022 07:12:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 2106

GET
H2 200 8c41868a-5695-4aaa-a505-282d7d492908 Show response
forms.hsforms.com/embed/v3/form/9029087/ 11 KB
3 KB 168ms
149ms Script
application/javascript 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/9029087/8c41868a-5695-4aaa-a505-282d7d492908?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

576c41d2587fef29688feb38ce51212a9c4408748b73c2104a427554b1abb11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 9038f17b-ceee-4c68-aa7a-b710b81b2fc0
cf-ray: 6ddcbaa7788d9261-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BCB8517AC656C029735FCAA5F4F390FF4BC0478A0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 40ms
19ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9029087.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e211fbc080dcb010d1cf54917aa2d6b33d4eb70160fd4d5acc2e0b69c3c2286

Request headers

Referer: https://ng.guildcare.com.au/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 38775
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.268/bundles/project.js&cfRay=6dd907fb8df09205-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6ddcbaa78fda92a5-FRA
last-modified: Thu, 03 Feb 2022 08:24:47 UTC
server: cloudflare
etag: W/"213fdadef61cd5b83aac4307c39a00a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: paS71p19sxG4lOzv9LEMPGPVe35qdQHS
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: zC16DL4Zz8zO5ftrPnrx6BJDgvd2Xp3m4nf47SQGiJMiMk9G8YIBmw==
x-hs-target-asset: collected-forms-embed-js/static-1.268/bundles/project.js

GET
H2 200 9029087.js Show response
js.hs-analytics.net/analytics/1644909000000/ 62 KB
20 KB 173ms
156ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1644909000000/9029087.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9029087.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b072a5db24b74d8e189b56af95e0deedca45b466029c8a3cc2286746fc6afd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: NV26D8CYM8DH3JZ9
x-amz-server-side-encryption: AES256
cf-ray: 6ddcbaa77fbe92a2-FRA
x-amz-id-2: CvW+dQhxxF1hI4H2H7Azq+Vrx38oQXosXjthYQOoN/dEeCHF4l35JoFAQXCRHyWRr45zGarLdwA=
last-modified: Mon, 19 Jul 2021 17:08:19 GMT
server: cloudflare
etag: W/"0d0e066bfb4ff3e41fbfaac79f109c3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Tue, 15 Feb 2022 07:17:39 GMT

GET
H2 200 9029087.js Show response
js.hs-banner.com/ 60 KB
16 KB 467ms
451ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/9029087.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9029087.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0822ce15806de8a017fa6ec49742c45de3a7fd1c995783c8df0356b7fc0485a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: B7JFK1VS3919XMKV
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 29eVGAFic5NazMsXx0R+T1HsDzEYzEf8yGlCZCAZI0Ywn2Bszm0FcYUr0kux5cEOJBU4mdbLZJ8=
timing-allow-origin: *
last-modified: Wed, 09 Feb 2022 00:41:09 GMT
server: cloudflare
etag: W/"16354993726e84139574875b5e2d4fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: y_IM8A6Pqn5LpsZhclgoENhjb.DwWRps
access-control-allow-origin: https://ng.guildcare.com.au
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ddcbaa7780e9180-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 15 Feb 2022 07:17:39 GMT

GET
H2 200 default-skin.png
d3r4tb575cotg3.cloudfront.net/images/ 547 B
900 B 54ms
7ms Image
image/png 52.222.250.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3r4tb575cotg3.cloudfront.net/images/default-skin.png
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/style?site=18975&page=82&version=1.2254&rel=0024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-222.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd2d3fed8d73fb4a3265475c444817343f3383348c254428f85e7b4b076c7dcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 08:39:51 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jul 2018 06:19:37 GMT
server: AmazonS3
age: 12781969
etag: "e3f799c6dec9af194c86decdf7392405"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 547
x-amz-cf-id: iRBPFBTt3VmtCYPQRzwRUyLMohTx1rvNyNpXWgVhqWQSA9omC7NtyQ==

GET
H2 200 ProjectCOVID%20Userguide%20v2_Page_01.jpg
d3r4tb575cotg3.cloudfront.net/static/ 116 KB
117 KB 54ms
10ms Image
image/jpeg 52.222.250.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3r4tb575cotg3.cloudfront.net/static/ProjectCOVID%20Userguide%20v2_Page_01.jpg
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-222.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9ff725b0497288c6fc4a50ce0f276593631311d3cfc0f296d98a8b918647cc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 21:58:56 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 02:23:12 GMT
server: AmazonS3
age: 724424
etag: "878b41023806506f60ebe5f2c9e23e6f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 119213
x-amz-cf-id: dtg-dNDi7t180ooliq76rTANYOdRtGZtCq9kHOmWoNPi_iHyDf-yvg==

GET
H2 200 ProjectCOVID%20Userguide%20v2_Page_02.jpg
d2s3n99uw51hng.cloudfront.net/static/ 308 KB
309 KB 10ms
8ms Image
image/jpeg 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/ProjectCOVID%20Userguide%20v2_Page_02.jpg
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b50d07b3ca98ad2b45da038d09bed5afca662613ea372db945d19a410b8a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 03:46:50 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 02:23:12 GMT
server: AmazonS3
age: 1135550
etag: "c6697d212527d2496903507516567152"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 315656
x-amz-cf-id: 8zKoQHTVtK36hzh99QgsAWnDtjjZYgfFneKk1qeRV3eneMvrdSeicg==

GET
H2 200 ProjectCOVID%20Userguide%20v2_Page_10.jpg
d2s3n99uw51hng.cloudfront.net/static/ 192 KB
193 KB 13ms
11ms Image
image/jpeg 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/ProjectCOVID%20Userguide%20v2_Page_10.jpg
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 873bd1578f59e3f15c4ee37f03b57291aa936b7299b2b2befa0c4397f493667f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:58:18 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 02:23:13 GMT
server: AmazonS3
age: 443662
etag: "3e5cb1142247ed764925bbac103135d4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 196607
x-amz-cf-id: Jd4SHOl5t2R5pF4vrN5wlx9FZw4EHhm9Da_t8X0V2vb3rPtwFncr4Q==

GET
H2 200 1353896365-0816b71d694f83147dd50cc29af25e9e6b5c4f44064f03113663384b78291b6c-d.jpg
i.vimeocdn.com/video/ Frame 9C5A 1 KB
2 KB 143ms
124ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1353896365-0816b71d694f83147dd50cc29af25e9e6b5c4f44064f03113663384b78291b6c-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4830a783fd54a692d7b4f90721d55bbbc459503232938c84242face6511449ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 119597
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1282
viewmaster-server: viewmaster-us-central1-xd99
x-served-by: cache-dfw18650-DFW, cache-fra19140-FRA
x-timer: S1644909160.644555,VS0,VE119
etag: 0172d424a513d9aa024600281e8d81e5
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/3.49.10/js/ Frame 9C5A 711 KB
165 KB 26ms
8ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.49.10/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8f954dbaa5e949e6502aad3f5dc94a0b53eb65b4980b03079537be637c5f4ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 34443
x-served-by: cache-iad-kcgs7200157-IAD, cache-fra19158-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1644909160.644630,VS0,VE0
content-length: 168993
x-cache-hits: 0, 2505

GET
H2 200 player.css
f.vimeocdn.com/p/3.49.10/css/ Frame 9C5A 202 KB
20 KB 23ms
6ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.49.10/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31a8ee9db0fcd9f66dfd51c71df359a6058cd80282b2bd4015f65616e601bacb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 34450
x-served-by: cache-iad-kcgs7200123-IAD, cache-fra19158-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1644909160.644541,VS0,VE0
content-length: 20017
x-cache-hits: 0, 9877

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 159ms
139ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=9029087&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a217f682da3820af0dd29ec2a6f073c4dcda175af8d538052fc8786a95f3cd01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://ng.guildcare.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 09426095-bc68-44a1-b604-56a121a5e944
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68Cu3m%2B5wJMew5yH9ob4biIah0ubTbXRPpHPDElVgz%2BdTTZpk%2BjhZSzGm2cku%2BFs0Uvn0Vu8TJ63p05Tzd%2BLnOadWUrCw%2F2uXt4tH39FpPuIwbaXzB1lFS5Uok9tm5KVa%2FZVwTwqLobyAkeNet8H"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ng.guildcare.com.au
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6ddcbaa808059073-FRA
access-control-allow-headers: *

GET
H2 200 1355235497-5e703b90c322b02cde3143ef3584d684e0902709181c824324c6aea2159fa68f-d.jpg
i.vimeocdn.com/video/ Frame 9AA2 2 KB
2 KB 127ms
126ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1355235497-5e703b90c322b02cde3143ef3584d684e0902709181c824324c6aea2159fa68f-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f79fcdac796872d796f062ca20e0f6b289c72e18fcc6ecb0ab224ff6d540103a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 604204
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1557
viewmaster-server: viewmaster-us-central1-l03j
x-served-by: cache-dfw18641-DFW, cache-fra19140-FRA
x-timer: S1644909160.668389,VS0,VE120
etag: 5629daf0319c146fb0b38aa6131ba445
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/3.49.10/js/ Frame 9AA2 711 KB
165 KB 7ms
7ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.49.10/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8f954dbaa5e949e6502aad3f5dc94a0b53eb65b4980b03079537be637c5f4ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 34443
x-served-by: cache-iad-kcgs7200157-IAD, cache-fra19158-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1644909160.669433,VS0,VE0
content-length: 168993
x-cache-hits: 0, 2506

GET
H2 200 player.css
f.vimeocdn.com/p/3.49.10/css/ Frame 9AA2 202 KB
20 KB 16ms
16ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.49.10/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31a8ee9db0fcd9f66dfd51c71df359a6058cd80282b2bd4015f65616e601bacb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 34450
x-served-by: cache-iad-kcgs7200123-IAD, cache-fra19158-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1644909160.669515,VS0,VE0
content-length: 20017
x-cache-hits: 0, 9878

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 9AA2 3 KB
1 KB 16ms
16ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
content-encoding: gzip
age: 37843
x-cache: HIT, HIT
content-length: 1238
x-served-by: cache-iad-kjyo7100150-IAD, cache-fra19158-FRA
last-modified: Mon, 14 Feb 2022 17:09:06 GMT
server: Apache
cache-control: max-age=315360000
x-timer: S1644909160.669575,VS0,VE0
etag: "a68-5d7fd79571080-gzip"
vary: Accept-Encoding,x-http-method-override
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
expires: Thu, 12 Feb 2032 20:41:56 GMT
x-vimeo-dc: ge
x-bapp-server: assets-v8059-876mt
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 8102

GET
H2 200 18339379_60x60.jpg
i.vimeocdn.com/portrait/ Frame 9C5A 1 KB
1 KB 135ms
134ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/18339379_60x60.jpg
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31e347d8c0502255af7a09a51faeebb1295454ead6e45c9668850c480718902b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 786691
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1058
viewmaster-server: viewmaster-us-east1-4g6t
x-served-by: cache-dfw18654-DFW, cache-fra19140-FRA
x-timer: S1644909160.723723,VS0,VE119
etag: f33dd43834ff58640d080b6b3f13dfa6
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 1353896365-0816b71d694f83147dd50cc29af25e9e6b5c4f44064f03113663384b78291b6c-d
i.vimeocdn.com/video/ Frame 9C5A 17 KB
17 KB 592ms
592ms Image
image/avif 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1353896365-0816b71d694f83147dd50cc29af25e9e6b5c4f44064f03113663384b78291b6c-d?mw=1100&mh=619
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/668606541?h=65474df25e&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de4ec902576d897851c661999452a974bcd0ef3b1d7139dc7f052e9741a5b519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, MISS, MISS
access-control-max-age: 86400
x-backend-server: varnish
content-length: 16997
viewmaster-server: viewmaster-us-east1-1zcd
x-served-by: cache-dfw18670-DFW, cache-fra19140-FRA
x-timer: S1644909160.756689,VS0,VE586
etag: 23c11ea497f24574254f16ee9b5497f2
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 18339379_60x60.jpg
i.vimeocdn.com/portrait/ Frame 9AA2 1 KB
1 KB 49ms
49ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/18339379_60x60.jpg
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.49.10/js/player.de-DE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31e347d8c0502255af7a09a51faeebb1295454ead6e45c9668850c480718902b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 786691
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1058
viewmaster-server: viewmaster-us-east1-4g6t
x-served-by: cache-dfw18654-DFW, cache-fra19140-FRA
x-timer: S1644909160.806352,VS0,VE37
etag: f33dd43834ff58640d080b6b3f13dfa6
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 9AA2 0
110 B 138ms
107ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.49.10/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 1355235497-5e703b90c322b02cde3143ef3584d684e0902709181c824324c6aea2159fa68f-d
i.vimeocdn.com/video/ Frame 9AA2 27 KB
28 KB 676ms
676ms Image
image/avif 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1355235497-5e703b90c322b02cde3143ef3584d684e0902709181c824324c6aea2159fa68f-d?mw=1100&mh=619
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/669099020?h=bc3390d51f&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b15eedd6588929360c174d245d6dd37c9545e2cdfa2a997736b19823209d3f76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, MISS, MISS
access-control-max-age: 86400
x-backend-server: varnish
content-length: 27897
viewmaster-server: viewmaster-us-east1-5sk5
x-served-by: cache-dfw18623-DFW, cache-fra19140-FRA
x-timer: S1644909160.829195,VS0,VE640
etag: 60e9c01b647bbee7694ba3cf4438461e
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 9AA2 0
40 B 132ms
108ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ea60035333b569ce07c9f6da553a8a1c4b12cc761644909159
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.49.10/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 9AA2 0
798 B 181ms
164ms Ping
text/plain 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=ea60035333b569ce07c9f6da553a8a1c4b12cc761644909159

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200144-IAD, cache-hhn4075-HHN
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1644909160.851551,VS0,VE145
X-Frame-Options: sameorigin
Date: Tue, 15 Feb 2022 07:12:39 GMT
Vary: User-Agent
Expires: Mon, 14 Feb 2022 19:12:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server: pweb-v20180-jtxb2
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
633 B 98ms
48ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84555a8afc748cf68073d4f3c4c5e2c93a11d66bc53a3d0d1426b73ec0425e6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:39 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame E446 568 KB
145 KB 32ms
17ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

787d022badd142eb036e75ae72d3a750ab6b51318548ca031541433747fee6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:39 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 49
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Feb 2022 01:36:22 UTC
server: cloudflare
etag: W/"2ea56c6d3f9e2e290743211e2ecd17f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpAZU3s91mPZTsuSzyD6wpmTwiFwTYC8Kxo2wIqm3KNae2TKNn91IC4%2FWVIeMWTjdThT7Iksb7VF%2FWs%2FTQ61Io7vj5%2BPue8yQO5WOT6022U5Mmgo0pUBU%2BzA9Zbo6bajSsrcbN7gaCM4oHiF"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: YwwfPGWEpu5cANS1IqlTRhLK9QAbauzz
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6ddcbaa92d4a90fb-FRA
x-amz-cf-id: DE8T1dvtkEzbt2baesB8dgexMmq4X890h62iXC_7bhhbhliECH0CBw==
x-hs-target-asset: FormsNext/static-5.450/bundles/project_with_deps.js

GET
H3 200 css
fonts.googleapis.com/ Frame E446 2 KB
537 B 95ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 06:51:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 07:12:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 07:12:40 GMT

GET
H2 200 ProjectCOVID%20Userguide%20v2_Page_10.jpg
d2s3n99uw51hng.cloudfront.net/static/ 192 KB
193 KB 712ms
710ms Image
image/jpeg 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/ProjectCOVID%20Userguide%20v2_Page_10.jpg
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 873bd1578f59e3f15c4ee37f03b57291aa936b7299b2b2befa0c4397f493667f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 02:23:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "3e5cb1142247ed764925bbac103135d4"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 196607
x-amz-cf-id: RcggmxAzvdN2Ha-NOP_vZjLP5FPJX4W4o3JFQRwoBfNC-3jU0uR93A==

GET
H2 200 ProjectCOVID%20Userguide%20v2_Page_02.jpg
d2s3n99uw51hng.cloudfront.net/static/ 308 KB
309 KB 693ms
693ms Image
image/jpeg 2600:9000:223f:fe00:10:6fb5:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2s3n99uw51hng.cloudfront.net/static/ProjectCOVID%20Userguide%20v2_Page_02.jpg
Requested by: Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fe00:10:6fb5:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b50d07b3ca98ad2b45da038d09bed5afca662613ea372db945d19a410b8a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 02:23:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "c6697d212527d2496903507516567152"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 315656
x-amz-cf-id: 67FZP9tRFXIzjNbo2wgoPz7ef8Cxk7WpViiJnoCxGVI4CIetfxaW5g==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ 357 KB
142 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ng.guildcare.com.au/
Origin: https://ng.guildcare.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:50:26 GMT

GET
H3 200 shell-recaptcha Show response
js.hsforms.net/forms-next/ Frame C8E0 852 B
1 KB 403ms
403ms Document
text/html 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms-next/shell-recaptcha

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 04 Feb 2022 01:36:22 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: ZUvNxZrFhtf0lXAOTEMUo5_OP3ajRjpv
x-cache: Hit from cloudfront
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: -QXMzaC-Bd__D1yGabfiPH8Me5tNvVzHyRzHPx6OPoOtutJ_fjNdjg==
age: 1381
cache-control: s-maxage=600, max-age=0
x-hs-target-asset: FormsNext/static-5.450/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUmUIDNOui9aTQC7eiQ%2FM%2Bdw3ETNkM0Xa3Unu2h5txKt1dXzPGiP7csEYl7mmynvaAsNh2fLd23q5%2Fo4gudy6UTA2brcyikvshUq9Z9aFY0y7b8rc04njNGys7qF%2BYYXNcXlVpboLeafLjw8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6ddcbaaaa85190fb-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ Frame E446 35 B
240 B 137ms
136ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=9029087

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 46d7e2ba-fa6d-4b56-85e7-a67b544e8b64
cf-ray: 6ddcbaaaafbc9261-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Tue, 15 Feb 2022 07:12:40 GMT
server: cloudflare
x-trace: 2B5C8ADDBAABA362AA11496CD50BA80E1A99DB7395000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame C2FD 42 KB
22 KB 62ms
61ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9uZy5ndWlsZGNhcmUuY29tLmF1OjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=fam7ui5nxmjp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a0d4fc5e9a20d2403a240fedf4160a54b03f07646cad169410c7b8e25b08704

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i39a2Jbfg/zNdkhv6C0cfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Feb 2022 07:12:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-i39a2Jbfg/zNdkhv6C0cfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22316
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 formsthirdparty.2755260429cd02c98112dac6f4b5b8ce.css
static.zohocdn.com/forms/css/ Frame E2D6 77 KB
12 KB 64ms
15ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/css/formsthirdparty.2755260429cd02c98112dac6f4b5b8ce.css

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

b2cea84c60142ea60e4a2ce7ffc440387184266d0133f3141e5142ee4c160f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
last-modified: Fri, 16 Apr 2021 06:59:29 GMT
vary: Accept-Encoding
content-length: 11641
x-xss-protection: 1
pragma: public, max-age=5184000, immutable
nb-request-id: 8fb858692c4e38ce5f1eaad7ea5a394d
server: ZGS
etag: "a338608fc2b539683c6cccb5717cf0aa"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
z-origin-id: ex1-3b052cb64e64487cb27d26556cd62328
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 11:17:38 GMT

GET
H2 200 formslive.e9f52d981e481e0b02c7a7377a8f43ca.css
static.zohocdn.com/forms/css/ Frame E2D6 227 KB
44 KB 77ms
28ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/css/formslive.e9f52d981e481e0b02c7a7377a8f43ca.css

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

6ac015f18a277c16d6d3b88d207344b6e203b56bfb69f200ef603573bf9e8654

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Wed, 02 Feb 2022 13:16:17 GMT
vary: Accept-Encoding
content-length: 44661
x-xss-protection: 1
nb-request-id: 727a83fdc74fc8c701f999e6e8b458dc
server: ZGS
etag: "1e189b98a813988656e80d41b503fa17"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-92a7faa6e5744f42aab803bcd9c6833a
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 fonts
forms.zohopublic.com/formstatic/ Frame E2D6 1 KB
647 B 308ms
161ms Stylesheet
text/css 136.143.190.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.zohopublic.com/formstatic/fonts?family=Open+Sans:400,700i,700,600i,600,400i,300i,300

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d60ab551b12381f4fb3a1e96340edb2f9f616f154bc22df54abe1cf21f768418

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 07:12:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ZGS
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000
Content-Language: de-DE
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css;charset=UTF-8
vary: accept-encoding
X-XSS-Protection: 1

GET
H2 200 custom.698fe831dd8aec09d431ddfe2a876329.css
static.zohocdn.com/forms/css/themes/ Frame E2D6 86 KB
12 KB 91ms
42ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/css/themes/custom.698fe831dd8aec09d431ddfe2a876329.css

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

8d6536dae809679d5baf45c5b7eef9ef72f842c98d284c9ee072aeaf1d339fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Sat, 29 Jan 2022 06:48:42 GMT
vary: Accept-Encoding
content-length: 12258
x-xss-protection: 1
nb-request-id: ed30344e808b286e96c3fbdddafbee66
server: ZGS
etag: "c9b370676eab1cc970a5b250cd13c978"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-b5ccf2703f7a46a0a9fe56cc428c8494
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 media.4b3cfd0f094c30f6294327f81e7373f5.css
static.zohocdn.com/forms/css/themes/ Frame E2D6 50 KB
6 KB 91ms
42ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/css/themes/media.4b3cfd0f094c30f6294327f81e7373f5.css

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

40031af8cb4a5d392e9b11560ea220ef4f637c828c96a2d5ba2f4da33c18fe57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Wed, 02 Feb 2022 13:16:18 GMT
vary: Accept-Encoding
content-length: 5322
x-xss-protection: 1
nb-request-id: f19299599c9b592243c58c3babcdbc34
server: ZGS
etag: "4b05afcbc43d7d2aca6c17bc86c902d2"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-7f05337aaebb448aaef1601dac8fa7ab
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 customMedia.bdbbc9b6f964ee4f4c1d1debd83b0068.css
static.zohocdn.com/forms/css/themes/media/ Frame E2D6 974 B
688 B 91ms
43ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/css/themes/media/customMedia.bdbbc9b6f964ee4f4c1d1debd83b0068.css

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

abb8c8a48e1155c695ed2f6108ceaf1e8e08a320101df132817b3be9bc77ff38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
last-modified: Tue, 03 Mar 2020 10:10:54 GMT
vary: Accept-Encoding
content-length: 193
x-xss-protection: 1
nb-request-id: b8a8f80530a2532a1c6529510c6377e2
server: ZGS
etag: "daa87951fc446e172d1546a8e9bc1f48"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, must-revalidate, proxy-revalidate
z-origin-id: ex1-5f6004d26af5df20cf3f9802
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 formstplivejs.5598e1e583c1d09fc270b76b7bc87fed.js Show response
static.zohocdn.com/forms/js/ Frame E2D6 87 KB
30 KB 14ms
14ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/js/formstplivejs.5598e1e583c1d09fc270b76b7bc87fed.js

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

e26f12c5c9b90fcacce612148fbbdd171302587188e66ff2511f8d1582d91a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
last-modified: Mon, 07 Sep 2020 06:01:12 GMT
vary: Accept-Encoding
content-length: 30037
x-xss-protection: 1
nb-request-id: 6f56c3c2f0efd187948831939e83eea4
server: ZGS
etag: "545c72fc1816fa5e467e58efd4d47adb"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
z-origin-id: ex1-5f5770e4cf71e33f72842e02
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 formsthirdpartylivejs.fa80d21e90eb2a92193fc45ef5617573.js Show response
static.zohocdn.com/forms/js/ Frame E2D6 140 KB
37 KB 14ms
14ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/js/formsthirdpartylivejs.fa80d21e90eb2a92193fc45ef5617573.js

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

7f55a3bd529fd0e38309f11395e357ed00998b073020a9faacb9f8c000f1e46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Wed, 19 May 2021 11:03:03 GMT
vary: Accept-Encoding
content-length: 37358
x-xss-protection: 1
nb-request-id: 059e10634720f1e6a3ac2871119fe730
server: ZGS
etag: "519d10234a6e863f26825a7305cb746c"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-2341254cd544419c857eb0f3a4db5d20
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 formscommonlive.e61c4a03bf4c1308769c28d31ef990f8.js Show response
static.zohocdn.com/forms/js/ Frame E2D6 74 KB
23 KB 14ms
14ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/js/formscommonlive.e61c4a03bf4c1308769c28d31ef990f8.js

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

390ffe7ce30bc8817fb202f8481cc74788de33b64dd84ecda64220b90f823b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Thu, 10 Feb 2022 14:37:05 GMT
vary: Accept-Encoding
content-length: 23109
x-xss-protection: 1
nb-request-id: a172e55205b8d6bb8f14f0ad95060488
server: ZGS
etag: "3b0254b67360e7ef247b20a0d085666f"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-93fdb708d71a4656970d426e786fb8a6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 formslive.18a18cb236b1ad30590aeccf320075e9.js Show response
static.zohocdn.com/forms/js/ Frame E2D6 492 KB
96 KB 14ms
14ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/forms/js/formslive.18a18cb236b1ad30590aeccf320075e9.js

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

19f1aaeb3a18fbd86b930c2c10e09686fcd0a865b97e26b87adb6ee1f9ab737c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Thu, 10 Feb 2022 14:37:06 GMT
vary: Accept-Encoding
content-length: 97589
x-xss-protection: 1
nb-request-id: 29d78ccdfcaf558777e6ca7b7de9a4d5
server: ZGS
etag: "986a0ecc34c50c22046fce573657de1a"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-ca424aa600744bc99c9e009f6a9515ca
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 showcaptcha
accounts.zoho.com/static/ Frame E2D6 3 KB
3 KB 542ms
193ms Image
image/png 136.143.190.100
ZOHO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.zoho.com/static/showcaptcha?digest=1_C_0b39bcaf1ab0d16ccf8514dc7fb9fcf3440a2070637cfca36bfd45eff225f1a164970d22e50255ae754fcaa91a8162a77f94478c202d255c5401d4dd945abb7a

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.100 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

c16d24b5ad5f829426da05faf3f7f00d81b8938981a71161bf229551a87e688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 07:12:40 GMT
X-Content-Type-Options: nosniff
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Language: de-DE
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png;charset=UTF-8
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 warning-info.607d397302b1f344f8d8df1258004046.png
static.zohocdn.com/forms/images/ Frame E2D6 609 B
1 KB 14ms
13ms Image
image/png 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.zohocdn.com/forms/images/warning-info.607d397302b1f344f8d8df1258004046.png

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

0015fea1d81d92a7c847e78f4dc6b997a8fe53dc8ce575662aea71ffb28e1e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
last-modified: Thu, 03 Dec 2020 06:50:21 GMT
vary: Accept-Encoding
content-length: 613
x-xss-protection: 1
nb-request-id: 6b3a898934cfec1a299e262121a12e02
server: ZGS
etag: "795e63fefb59c2bff5f31b157b6d01e9"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
z-origin-id: ex1-5fc8c5b99ef55c4f533e4d7b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 loader.79de1b954774690fff0e7345d82faa25.gif
static.zohocdn.com/forms/images/ Frame E2D6 3 KB
3 KB 14ms
14ms Image
image/gif 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.zohocdn.com/forms/images/loader.79de1b954774690fff0e7345d82faa25.gif

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

a7f44d3bc98f7b02879478758a8d3903ef51d1292f6b3a4fdaad1df616cb63ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
last-modified: Tue, 03 Mar 2020 10:10:50 GMT
vary: Accept-Encoding
content-length: 2558
x-xss-protection: 1
nb-request-id: 4324be2fd00c523bcb9b8a50d945a7e8
server: ZGS
etag: "8f3d3ae8228ea0894bbcba2f0dc68375"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, must-revalidate, proxy-revalidate
z-origin-id: ex1-5f6004d00f80b7173683a2e2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 check-mark-outline.e44509047a0a79fb604be98bb10ec5bc.png
static.zohocdn.com/forms/images/ Frame E2D6 5 KB
5 KB 14ms
14ms Image
image/png 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.zohocdn.com/forms/images/check-mark-outline.e44509047a0a79fb604be98bb10ec5bc.png

Requested by

Host: forms.zohopublic.com
URL: https://forms.zohopublic.com/guilddigital/form/GuildLinkProjectCOVIDNewUser/formperma/a5lZg3EScS95RNNQQ8DzKTzQFAAOPQcU_JPboecOrZM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

59d950a1bf97e8b2436befc21924d9883058f04e58d134a211f0ed04480d122d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.zohopublic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
last-modified: Thu, 03 Dec 2020 06:50:19 GMT
vary: Accept-Encoding
content-length: 4599
x-xss-protection: 1
nb-request-id: 72f217f8789066c0d3da9948c5420591
server: ZGS
etag: "dad0f95db26f4856b486ad2e685c98dd"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
z-origin-id: ex1-5fc8c5b981b7c33c33aa4c5a
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame C2FD 51 KB
24 KB 88ms
39ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9uZy5ndWlsZGNhcmUuY29tLmF1OjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=fam7ui5nxmjp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 19:29:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame C2FD 357 KB
141 KB 106ms
57ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:50:26 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame C2FD 102 B
134 B 48ms
47ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9uZy5ndWlsZGNhcmUuY29tLmF1OjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=fam7ui5nxmjp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:40 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 5F27 7 KB
1 KB 49ms
49ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

314b82644f6c5e68784a62523301d35356a85bd397f0f87accdb94afe223d8ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TwRw9O2YO6Taug0TCv/YeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Feb 2022 07:12:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-TwRw9O2YO6Taug0TCv/YeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ Frame C8E0 1008 B
633 B 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms-next/shell-recaptcha

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84555a8afc748cf68073d4f3c4c5e2c93a11d66bc53a3d0d1426b73ec0425e6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.hsforms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:40 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 5F27 51 KB
24 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 19:29:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 5F27 357 KB
141 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:50:26 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame C8E0 357 KB
141 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.hsforms.net/
Origin: https://js.hsforms.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:50:26 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 5F27 38 KB
23 KB 92ms
92ms XHR
application/json 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5da44ac5f34be25576ef38d9d3a6b53de0de41148c6ed1565030c350ab2b37c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23013
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:40 GMT

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 5F27 11 KB
11 KB 41ms
41ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:08:35 GMT
x-content-type-options: nosniff
age: 479045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Feb 2022 18:08:35 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5F27 600 B
624 B 43ms
43ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 509224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Feb 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5F27 530 B
554 B 43ms
42ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 21:24:06 GMT
x-content-type-options: nosniff
age: 35314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 21 Feb 2022 21:24:06 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5F27 665 B
689 B 43ms
43ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:17:53 GMT
x-content-type-options: nosniff
age: 478487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Feb 2022 18:17:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F27 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 569159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F27 15 KB
15 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 35606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F27 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 579286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:17:54 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 5F27 31 KB
31 KB 51ms
49ms Image
image/jpeg 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq27yC6jyahqqU14WmuP5os8jkHzxYYEXjp__nDBGHq2S2YXr36eckeDO9y2OH5WzSEe8si5tQ7PDS9Q8kVNprDDhQgyfigweAg1Ju9Spm5uNLSWekSP4X9xu9LA8h8XO1V_JXZ1lDQ-r4t8-6jVrmtV5he5kT7QJ5HVrIIZQQyjd4aDn0Fft2jeujcl28b7vQtNudnpE78z0_eSvDvk91mbueAIuuw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06d63680e438e6d0611c7dd3a44ed42f4afa89138c8e36b0f504ff3987b9a5ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:40 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31724
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:40 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame E7BC 42 KB
22 KB 58ms
58ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=pivqyqq34nq3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65e2168236ef9cdc551ab6415a907dfef54bff2fecc4a0bb1653e8fa80d47b87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pqnAqAkFE1SIq4NS9NBZmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.hsforms.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Feb 2022 07:12:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-pqnAqAkFE1SIq4NS9NBZmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22156
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame E7BC 51 KB
24 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=pivqyqq34nq3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 19:29:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame E7BC 357 KB
141 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:50:26 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame E7BC 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Host: ng.guildcare.com.au
URL: https://ng.guildcare.com.au/projectcovid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&badge=inline&cb=pivqyqq34nq3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:41 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame BAAA 7 KB
1 KB 49ms
49ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ccce369b2499533a9a43dfac272ef987eb0bb5d79dea76f5dac17a8536e9826

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EezPqEvnO5X/9jueR57mgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.hsforms.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Feb 2022 07:12:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-EezPqEvnO5X/9jueR57mgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame BAAA 51 KB
24 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 19:29:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame BAAA 357 KB
141 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:50:26 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame BAAA 37 KB
22 KB 78ms
77ms XHR
application/json 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8880752bd23dcb52ca1f81afae793f849fd432d6bccc8726b985018a036dced

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22577
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:41 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
966 B 143ms
126ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=9029087&rcu=https%3A%2F%2Fng.guildcare.com.au%2Fprojectcovid&pu=https%3A%2F%2Fng.guildcare.com.au%2Fprojectcovid&t=ProjectCOVID+%7C+GuildLink&cts=1644909161283&vi=3f9f36f8a25731ef63a4b8f0356dd68b&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c2434638-7823-4ae9-ae36-3d5d00b57b18
cf-ray: 6ddcbab22e2e91ef-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2UFn68uRdZNyABnVR%2BiH%2FDWu%2Bylr3bTIpi8qSy0iN7oMj3LDFqA22oyAUufc4JSVgwsQEH4bh0WYV7bVWA%2BttrgWUlZwNuWJkz41HdjN%2F8VfX3qyiNUXtUPzFdhSp8M2SznXP6GcLdwQ84wXJ7l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
553 B 156ms
139ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=8c41868a-5695-4aaa-a505-282d7d492908&fci=7d3dd924-dde0-4c80-9c49-ee3a6a8dff49&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=9029087&rcu=https%3A%2F%2Fng.guildcare.com.au%2Fprojectcovid&pu=https%3A%2F%2Fng.guildcare.com.au%2Fprojectcovid&t=ProjectCOVID+%7C+GuildLink&cts=1644909161284&vi=3f9f36f8a25731ef63a4b8f0356dd68b&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.guildcare.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a48a8c4d-7e59-4dce-b8e2-639499ff01bb
cf-ray: 6ddcbab22e3191ef-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=115cdABplzv4er6viki5bmNJhxt3iaCiOBs03fAFSYJa9wqWuvr%2BsZz6T6gpgOR%2BA6ey7kai18hRwV4zs9u3eISFQ3DHfA5ckLEfIjq4hVRCukQHoc6zTfTs0GzTyrKpKKGOmHTZD6%2B019fTCFVA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame BAAA 35 KB
35 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq26lk-luK6PlpVxvbf2-tMn8gMvv1tFjDvPEYFvNry8NqyJAh_4vXPhQPar3p4YoAf7-LKekRS-5hXq7RLKbmz4RToxrsfeTLX3fObAlJJfxXxJmN497Xjl1JhAtU8uufxIPY1qrJ8pN2HKLpyfyzozCD9aU_Iyx720HpqNXLbE9EI7LIfluMHErKfGnwGRIUTQBBpU3MrMFzZOyp9nFYaE2yEl11w&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d62b1d8a1948dc9363f2688cc8f31e1e06cb1c75002f0d5da3343f9295d679f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:12:41 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35689
x-xss-protection: 1; mode=block
expires: Tue, 15 Feb 2022 07:12:41 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:14:21	Name: _GRECAPTCHA Value: 09APj96hTO4bVGy9rZs6UFWFPATVfp0EgJqrbprdd-82cuLSgIlIwpUr30F6XbLbiL0nb3uAE55bffk6Dz3HXHZJg
ng.guildcare.com.au/	1969-12-31 23:59:59	Name: PHPSESSID Value: in2edsbl8sdv56ps48b1jquev1
.guildcare.com.au/	1970-01-20 18:26:21	Name: _ga Value: GA1.3.204776076.1644909159
.guildcare.com.au/	1970-01-20 00:56:35	Name: _gid Value: GA1.3.1057320904.1644909159
.guildcare.com.au/	1970-01-20 00:55:09	Name: _gat Value: 1
.vimeo.com/	1970-01-20 18:26:21	Name: vuid Value: pl162678372.967115484
accounts.zoho.com/	1969-12-31 23:59:59	Name: iamcsr Value: ef06dfb7-5c6e-4808-ba6b-4025115e1b1e
ng.guildcare.com.au/	1970-01-20 10:16:45	Name: __hstc Value: 235880670.3f9f36f8a25731ef63a4b8f0356dd68b.1644909161281.1644909161281.1644909161281.1
ng.guildcare.com.au/	1970-01-20 10:16:45	Name: hubspotutk Value: 3f9f36f8a25731ef63a4b8f0356dd68b
ng.guildcare.com.au/	1969-12-31 23:59:59	Name: __hssrc Value: 1
ng.guildcare.com.au/	1970-01-20 00:55:10	Name: __hssc Value: 235880670.1.1644909161281
.hubspot.com/	1970-01-20 00:55:10	Name: __cf_bm Value: WjTNtzLNSDZIdic93lb6LfLcTunOfocruGu4eYD0KR4-1644909161-0-AaQlSUgFfptutQEF87ULyVCEwDk3pvU2USKWWRTT4jV4LUAFkO5iF6+SrpmoWHhJflqV4Wy8vVft3ksSVYc8N5s=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ng.guildcare.com.au/projectcovid(Line 103) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.zoho.com
d2s3n99uw51hng.cloudfront.net
d3r4tb575cotg3.cloudfront.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
forms.zohopublic.com
fresnel.vimeocdn.com
i.vimeocdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
ng.guildcare.com.au
perf.hsforms.com
player.vimeo.com
static.zohocdn.com
stats.g.doubleclick.net
track.hubspot.com
vimeo.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
136.143.190.100
136.143.190.97
151.101.0.217
151.101.128.217
151.101.14.109
185.20.209.147
2600:9000:223f:fe00:10:6fb5:2700:21
2606:4700::6810:5705
2606:4700::6811:47b0
2606:4700::6811:7fab
2606:4700::6811:ba49
2606:4700::6811:d3cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c0c::9c
34.120.202.204
52.222.250.222
52.8.115.99
0015fea1d81d92a7c847e78f4dc6b997a8fe53dc8ce575662aea71ffb28e1e4c
06d63680e438e6d0611c7dd3a44ed42f4afa89138c8e36b0f504ff3987b9a5ba
0822ce15806de8a017fa6ec49742c45de3a7fd1c995783c8df0356b7fc0485a6
0ccce369b2499533a9a43dfac272ef987eb0bb5d79dea76f5dac17a8536e9826
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
19f1aaeb3a18fbd86b930c2c10e09686fcd0a865b97e26b87adb6ee1f9ab737c
1b072a5db24b74d8e189b56af95e0deedca45b466029c8a3cc2286746fc6afd2
314b82644f6c5e68784a62523301d35356a85bd397f0f87accdb94afe223d8ad
31a8ee9db0fcd9f66dfd51c71df359a6058cd80282b2bd4015f65616e601bacb
31e347d8c0502255af7a09a51faeebb1295454ead6e45c9668850c480718902b
390ffe7ce30bc8817fb202f8481cc74788de33b64dd84ecda64220b90f823b70
3d6556df2cbdcff6e600fabf4ef13ac7d850552c1a2e2382b3f08ebe31774beb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40031af8cb4a5d392e9b11560ea220ef4f637c828c96a2d5ba2f4da33c18fe57
425e4ce16418ac80680d227bd317f46665e12886e3e37e034e5dd531b0e2901c
42b50d07b3ca98ad2b45da038d09bed5afca662613ea372db945d19a410b8a86
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4830a783fd54a692d7b4f90721d55bbbc459503232938c84242face6511449ed
51b5a1e7190fac54504b07f6db88263acb092aa69400c40fda0100fc5f10e452
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
576c41d2587fef29688feb38ce51212a9c4408748b73c2104a427554b1abb11d
59d950a1bf97e8b2436befc21924d9883058f04e58d134a211f0ed04480d122d
5a0304f4728f997676f9a4604fd2c2c522bba04baa936a820ee5de1e345bbb8d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d62b1d8a1948dc9363f2688cc8f31e1e06cb1c75002f0d5da3343f9295d679f
5da44ac5f34be25576ef38d9d3a6b53de0de41148c6ed1565030c350ab2b37c6
5e211fbc080dcb010d1cf54917aa2d6b33d4eb70160fd4d5acc2e0b69c3c2286
65e2168236ef9cdc551ab6415a907dfef54bff2fecc4a0bb1653e8fa80d47b87
679bf58174c8ecbedf1163cc871d1439a4fa99179d9d8f317ae8ae8ef205a396
6ac015f18a277c16d6d3b88d207344b6e203b56bfb69f200ef603573bf9e8654
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
787d022badd142eb036e75ae72d3a750ab6b51318548ca031541433747fee6c6
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f55a3bd529fd0e38309f11395e357ed00998b073020a9faacb9f8c000f1e46b
828888e371bbfabc4ba64ee0d626b572d5365466c60338f4e8556fd9cff22940
833edecc63383a5a773a1ca9a8015c6674e2cd1376d869e5af92de331a994189
84555a8afc748cf68073d4f3c4c5e2c93a11d66bc53a3d0d1426b73ec0425e6a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873bd1578f59e3f15c4ee37f03b57291aa936b7299b2b2befa0c4397f493667f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a0d4fc5e9a20d2403a240fedf4160a54b03f07646cad169410c7b8e25b08704
8d6536dae809679d5baf45c5b7eef9ef72f842c98d284c9ee072aeaf1d339fb3
8f954dbaa5e949e6502aad3f5dc94a0b53eb65b4980b03079537be637c5f4ba9
92538185f11c2023bd0a5e7030688eafbbc0e4a71886c2b6e608399f1ec8fb5b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9d5b184d4932c729aec38cd649b06961cea64aff06d18ca587dbfb57d8bf8d4a
a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a217f682da3820af0dd29ec2a6f073c4dcda175af8d538052fc8786a95f3cd01
a7f44d3bc98f7b02879478758a8d3903ef51d1292f6b3a4fdaad1df616cb63ca
abb8c8a48e1155c695ed2f6108ceaf1e8e08a320101df132817b3be9bc77ff38
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb817863e87f387bae94d77b0db46641f9ae8a31091e333a403cbebbc2654eb
b15eedd6588929360c174d245d6dd37c9545e2cdfa2a997736b19823209d3f76
b2cea84c60142ea60e4a2ce7ffc440387184266d0133f3141e5142ee4c160f8d
b67bf44e7b8499b538dbb08d3cbf19e5e24b1837ed5093b12640c80bc72ae185
c16d24b5ad5f829426da05faf3f7f00d81b8938981a71161bf229551a87e688b
c8880752bd23dcb52ca1f81afae793f849fd432d6bccc8726b985018a036dced
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3b5f7df2c879f10f0def4475c707d889fc7a860ed809ff91035b48d263610fa
d60ab551b12381f4fb3a1e96340edb2f9f616f154bc22df54abe1cf21f768418
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de4ec902576d897851c661999452a974bcd0ef3b1d7139dc7f052e9741a5b519
df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724
e1294852a9105d97adca4bc12c43b36b2cfa347f837ca7b9f755dcddbfab36f7
e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529
e26f12c5c9b90fcacce612148fbbdd171302587188e66ff2511f8d1582d91a6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f79fcdac796872d796f062ca20e0f6b289c72e18fcc6ecb0ab224ff6d540103a
f9ff725b0497288c6fc4a50ce0f276593631311d3cfc0f296d98a8b918647cc8
fd2d3fed8d73fb4a3265475c444817343f3383348c254428f85e7b4b076c7dcf
fe3ff0a54ccdf8f85f6b3b213ad94793bbfa93008412819995ff34f265905e64

ng.guildcare.com.au Open in urlscan Pro 52.8.115.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

100 %HTTPS

63 %IPv6

20 Domains

27 Subdomains

24 IPs

4 Countries

3972 kBTransfer

9489 kBSize

12 Cookies

11 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ng.guildcare.com.au Open in urlscan Pro
52.8.115.99 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

27
Subdomains

24
IPs

4
Countries

3972 kB
Transfer

9489 kB
Size

12
Cookies

100 HTTP transactions
0 data transactions