urlscan.io logo urlscan.io
SecurityTrails logo

travel.medibank.com.au Open in urlscan Pro
2606:4700::6812:63f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://travel.medibank.com.au/
Effective URL: https://travel.medibank.com.au/
Submission: On June 07 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 79 HTTP transactions. The main IP is 2606:4700::6812:63f, located in United States and belongs to CLOUDFLARENET, US. The main domain is travel.medibank.com.au.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 17th 2022. Valid for: a year.
This is the only time travel.medibank.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.96.102.137 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 151.101.194.133 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
4 23.36.162.25 20940 (AKAMAI-ASN1)
2 2a03:2880:f00... 32934 (FACEBOOK)
4 175.45.98.52 4826 (VOCUS-BAC...)
5 2.16.186.211 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.226 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 35.189.0.5 396982 (GOOGLE-CL...)
1 34.255.204.3 16509 (AMAZON-02)
1 1 142.250.186.98 15169 (GOOGLE)
79 21
22    2606:4700::6812:63f (United States)

ASN13335 (CLOUDFLARENET, US)
travel.medibank.com.au
4    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
3    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
9    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
2    2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    175.45.98.52 (Sydney, Australia)

ASN4826 (VOCUS-BACKBONE-AS Vocus Connect International Backbone, AU)
PTR: ip-52.98.45.175.VOCUS.net.au
vxml4.plavxml.com
5    2.16.186.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-211.deploy.static.akamaitechnologies.com
api.livechatinc.com
secure.livechatinc.com
accounts.livechatinc.com
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
rec.smartlook.com
1    35.189.0.5 (Sydney, Australia)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.0.189.35.bc.googleusercontent.com
platform.cloud-iq.com.au
1    34.255.204.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-204-3.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
22 medibank.com.au
travel.medibank.com.au
553 KB
9 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5902
api.livechatinc.com — Cisco Umbrella Rank: 4938
secure.livechatinc.com — Cisco Umbrella Rank: 5991
accounts.livechatinc.com — Cisco Umbrella Rank: 6923
270 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
58 KB
8 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1429
consumer.krxd.net — Cisco Umbrella Rank: 1843
beacon.krxd.net — Cisco Umbrella Rank: 424
179 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
48 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6117
783 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
3 KB
4 plavxml.com
vxml4.plavxml.com — Cisco Umbrella Rank: 162793
13 KB
4 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4989
66 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
672 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
185 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 114
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
37 KB
1 cloud-iq.com.au
platform.cloud-iq.com.au — Cisco Umbrella Rank: 766950
129 B
1 smartlook.com
rec.smartlook.com — Cisco Umbrella Rank: 17570
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
297 B
79 17
Domain Requested by
22 travel.medibank.com.au 1 redirects travel.medibank.com.au
9 www.google-analytics.com www.googletagmanager.com
travel.medibank.com.au
www.google-analytics.com
5 cdn.krxd.net travel.medibank.com.au
cdn.krxd.net
4 www.google.de travel.medibank.com.au
4 vxml4.plavxml.com www.googletagmanager.com
vxml4.plavxml.com
4 cdn.livechatinc.com travel.medibank.com.au
secure.livechatinc.com
4 dev.visualwebsiteoptimizer.com travel.medibank.com.au
dev.visualwebsiteoptimizer.com
3 www.google.com travel.medibank.com.au
3 api.livechatinc.com cdn.livechatinc.com
3 www.googletagmanager.com travel.medibank.com.au
www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 consumer.krxd.net cdn.krxd.net
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
2 connect.facebook.net travel.medibank.com.au
connect.facebook.net
1 cm.g.doubleclick.net 1 redirects
1 beacon.krxd.net cdn.krxd.net
1 platform.cloud-iq.com.au travel.medibank.com.au
1 rec.smartlook.com travel.medibank.com.au
1 accounts.livechatinc.com cdn.livechatinc.com
1 fonts.googleapis.com secure.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.facebook.com travel.medibank.com.au
79 25
Subject Issuer Validity Valid
travel.medibank.com.au
Entrust Certification Authority - L1M		 2022-01-17 -
2023-01-18		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
livechat.com
DigiCert ECC Secure Server CA		 2022-02-25 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-16 -
2022-06-14		 3 months crt.sh
vxml4.plavxml.com
Go Daddy Secure Certificate Authority - G2		 2020-04-16 -
2022-06-16		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
1610534878.rsc.cdn77.org
R3		 2022-04-06 -
2022-07-05		 3 months crt.sh
*.cloud-iq.com.au
DigiCert SHA2 Secure Server CA		 2021-06-24 -
2022-07-13		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh

This page contains 3 frames:

Primary Page: https://travel.medibank.com.au/
Frame ID: BF0FF3DE8E56287F4F2C982E54C7B3BD
Requests: 67 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 100186DD0F80E614737326E7C69D84EF
Requests: 4 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=8166641&group=16&embedded=1&widget_version=3&unique_groups=0
Frame ID: 5952264E841ED4840C08B1FE36D7FB9A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Medibank - Get a quote

Page URL History Show full URLs

  1. http://travel.medibank.com.au/ HTTP 301
    https://travel.medibank.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)

Page Statistics

79
Requests

97 %
HTTPS

59 %
IPv6

17
Domains

25
Subdomains

21
IPs

6
Countries

1440 kB
Transfer

4673 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://travel.medibank.com.au/ HTTP 301
    https://travel.medibank.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.googleadservices.com/pagead/conversion/1038557586/wcm?cc=ZZ&dn=134190&cl=UlSXCKzUkYcBEJLDnO8D&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=134190&cl=UlSXCKzUkYcBEJLDnO8D
Request Chain 77
  • https://cm.g.doubleclick.net/pixel?google_nid=delacon_dmp&google_cm&sessid=e568f6d6d7b248c2a08a87c336f53691 HTTP 302
  • https://vxml4.plavxml.com/sited/ref/integration.jsp?sessid=e568f6d6d7b248c2a08a87c336f53691&google_gid=CAESEGPsUCUKVRG0AjsoYCaqjqo&google_cver=1

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
travel.medibank.com.au/
Redirect Chain
  • http://travel.medibank.com.au/
  • https://travel.medibank.com.au/
200 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb6fbc4fe2354ff5d0e1fbfeb78fe45edab1f9f30d88b60b2278e080457fec6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
717a5f073e459205-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 15:20:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 19 Nov 1978 05:00:00 GMT
link
<https://www.medibank.com.au/travel-insurance/>; rel="canonical", <https://travel.medibank.com.au/>; rel="shortlink" <https://travel.medibank.com.au/>; rel="alternate"; hreflang="en" <https://travel.medibank.com.au/get-quote>; rel="revision"
permissions-policy
interest-cohort=()
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
varnish
x-ah-environment
01live
x-cache
MISS
x-content-type-options
nosniff
x-drupal-dynamic-cache
UNCACHEABLE
x-generator
Drupal 9 (https://www.drupal.org)
x-request-id
v-589a7232-e675-11ec-bbd7-eb9ece2ab7fe
x-ua-compatible
IE=edge

Redirect headers

CF-RAY
717a5f06dda29189-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 07 Jun 2022 15:20:20 GMT
Expires
Tue, 07 Jun 2022 16:20:20 GMT
Location
https://travel.medibank.com.au/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
css_E2E9x36_yV2OZX_PuR-Qligt0_3yos49KLazj5EesdI.css
travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/ 		76 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css_E2E9x36_yV2OZX_PuR-Qligt0_3yos49KLazj5EesdI.css
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13613dc77ebfc95d8e657fcfb91f9096282dd3fdf2a2ce3d28b6b38f911eb1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
148
x-ah-environment
01live
content-encoding
br
vary
Accept-Encoding
x-request-id
v-90269bce-e074-11ec-9d5e-eb9362c2643b
last-modified
Tue, 17 May 2022 08:17:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=1209600
cf-ray
717a5f160f1e9205-FRA
expires
Mon, 13 Jun 2022 23:59:38 GMT
css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/ 		400 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb935c02e6ee68276b6c7fe1ee21052c4ff4ee86b2208dd98af282f5686bdd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:24 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
157
x-ah-environment
01live
content-encoding
br
vary
Accept-Encoding
x-request-id
v-9796f4a6-e067-11ec-b8b9-1b9fd774f711
last-modified
Tue, 17 May 2022 08:17:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=1209600
cf-ray
717a5f160f229205-FRA
expires
Mon, 13 Jun 2022 22:26:47 GMT
twitter.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/twitter.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327c53faaaa94c4bc54fe45897d85db5d1f23288ef0bda01aadcd2c9670b6dea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
144
x-ah-environment
01live
vary
Accept-Encoding
content-length
6016
x-request-id
v-0eeadc5e-e089-11ec-8bed-0b72e5b1b409
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f163f739205-FRA
expires
Tue, 14 Jun 2022 02:26:20 GMT
facebook.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/facebook.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81275abd7716feb066ee5614d928ebf3fca743f32aff15d7ed4227f84cdb377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
147
x-ah-environment
01live
vary
Accept-Encoding
content-length
4773
x-request-id
v-912ff9d4-e074-11ec-8e78-b76347e4a88d
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f163f759205-FRA
expires
Mon, 13 Jun 2022 23:59:39 GMT
instagram.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/instagram.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0526fbacac4f69153a2717d79975c3f5898f88faf874a2b0211a2368977b6f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
159
x-ah-environment
01live
vary
Accept-Encoding
content-length
5871
x-request-id
v-1e012de2-e034-11ec-b9d9-bbede87b1751
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f163f779205-FRA
expires
Mon, 13 Jun 2022 16:18:18 GMT
linkedin.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/linkedin.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b75b80fe390765bbba79d438b25a30328cbf806858a322edca956beb4b6e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
154
x-ah-environment
01live
vary
Accept-Encoding
content-length
5308
x-request-id
v-1e11b040-e034-11ec-a23a-e38173df498d
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f163f799205-FRA
expires
Mon, 13 Jun 2022 16:18:18 GMT
youtube.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/youtube.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e83ccc5b8534cfae494d559972047e80598026b7d533a52a86d269f9fc900b85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
159
x-ah-environment
01live
vary
Accept-Encoding
content-length
6090
x-request-id
v-1eda95a0-e034-11ec-b869-b753a530cde1
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f163f7a9205-FRA
expires
Mon, 13 Jun 2022 16:18:20 GMT
js_KtTCs-hfVN_ryn-gs3QXzTcC8qzL0u7gud3zvBBz8Tw.js
travel.medibank.com.au/sites/g/files/xfwnwa186/files/js/ 		1 MB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/js/js_KtTCs-hfVN_ryn-gs3QXzTcC8qzL0u7gud3zvBBz8Tw.js
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad4c2b3e85f54dfebca7fa0b37417cd3702f2accbd2eee0b9ddf3bc1073f13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
145
x-ah-environment
01update
content-encoding
br
vary
Accept-Encoding
x-request-id
v-d99e9b32-d5b9-11ec-a78a-df84d2196d3e
last-modified
Tue, 17 May 2022 08:17:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/javascript
cache-control
max-age=1209600
cf-ray
717a5f163f719205-FRA
expires
Tue, 14 Jun 2022 08:19:41 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=242564&amp;u=https%3A%2F%2Ftravel.medibank.com.au%2F&amp;f=1&amp;r=0.24798402218910587
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
576f7d32f586b2a033e0731d1a7c534da76ea0a6fe7b72eab9cb68684fac0d87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 15:20:22 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		220 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8PZB8M
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ee5c517d2cba6d898ee3d4bc63b202e586260888e3d28d37dc32f7b6323602c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73037
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 15:20:22 GMT
va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		222 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=242564&amp;u=https%3A%2F%2Ftravel.medibank.com.au%2F&amp;f=1&amp;r=0.24798402218910587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
2f1d110f99e1c5b6de8f60679f654469d0849b4447b000bcf6a8d941b14a2580

Request headers

Referer
https://travel.medibank.com.au/
Origin
https://travel.medibank.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:22 GMT
content-encoding
br
last-modified
Tue, 07 Jun 2022 11:15:32 GMT
server
gams1
etag
"629f3354-fbd2"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64466
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=242564&d=travel.medibank.com.au&u=D1259075142AEB65DC7E7C13F8AB4E0AC&h=ce7813fad5e95b3f185e25ee7dcbec5d&t=false&r=0.8007017875546616
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:22 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
texujiyab.js
cdn.krxd.net/controltag/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/texujiyab.js
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6fe877d800ec3265f82ce491b1e55b722c05ebce97760cfcc53536167f064f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 07 Jun 2022 15:20:23 GMT
via
1.1 varnish, 1.1 varnish
age
190
x-cache
MISS, HIT, MISS
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5441
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000141-IAD, cache-fra19139-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1654615223.943899,VS0,VE89
etag
"6c5ad2d4a30365b21de53081daaf4a05b919de7f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PZB8M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6336
date
Tue, 07 Jun 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Jun 2022 15:34:46 GMT
optimize.js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-MZF88RQ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PZB8M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f7f3252bba9e84ccc76f92fcb3fb9dc51b30f2478bfbbfa75325225237e047f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 15:20:22 GMT
js
www.googletagmanager.com/gtag/ 		153 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1047207987
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PZB8M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02d9013227fe1f829d732d48a65845d6e8209d964fe5b31e6164603f0d02f394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57959
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 15:20:22 GMT
tracking.js
cdn.livechatinc.com/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a1f0571e990a300c140106dab790d76fa31b28a8965827eacb407c290dee19d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
eFqe2toJrAOdldUolONRwOlwYdXISlpp
content-encoding
br
last-modified
Tue, 07 Jun 2022 10:31:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"88cf9f401d2953815a15deec7366ea2c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Tue, 07 Jun 2022 15:20:22 GMT
content-length
24213
x-amz-cf-id
sLKu-iW95S01BJsb2qwcggXjr11RX6tIyHHcnBVFYidRYUj-WT9xSg==
expires
Tue, 07 Jun 2022 23:20:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
GFfqVOdO0rkxPFq/HWhZMEE+eDVv4ZcB0K7ogPI/vtP1DwGd41aFR0CZLG47cLLJnAAJtd70RcZHxPTKqt1TAw==
x-fb-trip-id
2095733797
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 07 Jun 2022 15:20:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
669-86757
vxml4.plavxml.com/sited/ref/ctrk/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vxml4.plavxml.com/sited/ref/ctrk/669-86757
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PZB8M
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.45.98.52 Sydney, Australia, ASN4826 (VOCUS-BACKBONE-AS Vocus Connect International Backbone, AU),
Reverse DNS
ip-52.98.45.175.VOCUS.net.au
Software
Apache /
Resource Hash
2431f2676befcb26b9b2881ec4c6199e17d80bb85769b57098d4d9ac868de0c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 15:20:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript;charset=ISO-8859-1
Connection
close
Vary
Accept-Encoding
Content-Length
7773
X-XSS-Protection
1;mode=block
settings.js
dev.visualwebsiteoptimizer.com/ 		392 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=242564&settings_type=1&vn=7.0&r=0.6831280720010784
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
870a3b56ce7e6fae915464d87f3480b90b3c777be5b9ba34faf94a01308e04d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:22 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ 		250 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=8166641&url=https%3A%2F%2Ftravel.medibank.com.au%2F&channel_type=code&jsonp=__d9cqbaot98q
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47cefdb4021d407ec237bafb2d2ebb74d7d9e17d8d8978b893f06817f777794a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://travel.medibank.com.au/;
X-Frame-Options allow-from https://travel.medibank.com.au/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://travel.medibank.com.au/;
vary
Accept-Encoding
x-frame-options
allow-from https://travel.medibank.com.au/
date
Tue, 07 Jun 2022 15:20:23 GMT
content-length
250
legacy
2023-06-30
content-type
application/javascript; charset=UTF-8
826871974004546
connect.facebook.net/signals/config/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/826871974004546?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
968c3b2efeec9a16bf9807e9d782a7c66d5dc3a1fd3d05b4bdd72f1a89df3508
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
svCWHcCtLLCxuOIvVD2/0bclIFLrrmbEovOJfoXC2focUyH2hm2TtRM0/iWrQJPgbOat+YIjIna/O19CcPrJxg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 07 Jun 2022 15:20:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1654615223026
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-611799-1&cid=2039096479.1654615223&jid=987315144&gjid=2089524834&_gid=599716205.1654615223&_u=YGBAiEABRAAAAE~&z=876618212
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.medibank.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Jun 2022 15:20:23 GMT
content-type
text/plain
access-control-allow-origin
https://travel.medibank.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2012909403&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABR~&jid=987315144&gjid=2089524834&cid=2039096479.1654615223&tid=UA-611799-1&_gid=599716205.1654615223&gtm=2wg660W8PZB8M&z=1186329680
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 20:04:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69351
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2012909403&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Purchase%20Type&ea=standard&el=Medibank%20-%20Get%20a%20quote&_u=aGDACEABRAAAAG~&jid=1477125680&gjid=1281841058&cid=2039096479.1654615223&tid=UA-71530115-1&_gid=599716205.1654615223&_r=1&gtm=2wg660W8PZB8M&z=102045136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.medibank.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.medibank.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2012909403&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=browser_info&ea=incognito&el=false&_u=aGHACEABRAAAAG~&jid=&gjid=&cid=2039096479.1654615223&tid=UA-71530115-1&_gid=599716205.1654615223&gtm=2wg660W8PZB8M&z=1548078000
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 20:04:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69351
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2012909403&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHACEABRAAAAG~&jid=&gjid=&cid=2039096479.1654615223&tid=UA-71530115-1&_gid=599716205.1654615223&gtm=2wg660W8PZB8M&cd3=standard&z=1685857517
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 20:04:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69351
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1047207987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
6069194915506431635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 15:20:23 GMT
js
www.googletagmanager.com/gtag/ 		153 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1038557586&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1047207987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d7ab1cb1f1dac47256801355e92d1f6c7b018730daeffe4f30cbdf577d9904a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 15:20:23 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/texujiyab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
age
3491280
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
525138
content-length
84742
x-served-by
cache-fra19139-FRA
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1654615223.062604,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=826871974004546&ev=PageView&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&rl=&if=false&ts=1654615223062&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&fbp=fb.2.1654615223060.1251663879&it=1654615222970&coo=false&rqm=GET
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 07 Jun 2022 15:20:23 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71530115-1&cid=2039096479.1654615223&jid=1477125680&gjid=1281841058&_gid=599716205.1654615223&_u=aGDACEABRAAAAG~&z=1116301997
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.medibank.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Jun 2022 15:20:23 GMT
content-type
text/plain
access-control-allow-origin
https://travel.medibank.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-611799-1&cid=2039096479.1654615223&jid=987315144&_u=YGBAiEABRAAAAE~&z=1595608879
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-611799-1&cid=2039096479.1654615223&jid=987315144&_u=YGBAiEABRAAAAE~&z=1595608879
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 1001 		805 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://travel.medibank.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31334280
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Tue, 07 Jun 2022 15:20:23 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
212958
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-fra19139-FRA
x-timer
S1654615223.101061,VS0,VE0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71530115-1&cid=2039096479.1654615223&jid=1477125680&_u=aGDACEABRAAAAG~&z=325528891
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71530115-1&cid=2039096479.1654615223&jid=1477125680&_u=aGDACEABRAAAAG~&z=325528891
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
texujiyab.js
cdn.krxd.net/controltag/ Frame 1001 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/texujiyab.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6fe877d800ec3265f82ce491b1e55b722c05ebce97760cfcc53536167f064f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 07 Jun 2022 15:20:23 GMT
via
1.1 varnish, 1.1 varnish
age
190
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5441
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000141-IAD, cache-fra19139-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1654615223.125103,VS0,VE0
etag
"6c5ad2d4a30365b21de53081daaf4a05b919de7f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1
loader.js
www.gstatic.com/wcm/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038557586&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 14:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 07 Jun 2022 15:24:08 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1047207987/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1047207987/?random=1654615223133&cv=9&fst=1654615223133&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftravel.medibank.com.au%2F&tiba=Medibank%20-%20Get%20a%20quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9be868b95bcca2a0bc7fbea65da439ddfef1e98e1eaeb992fff6b20d91cdcea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1036
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ Frame 1001 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/texujiyab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
age
3491280
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
525139
content-length
84742
x-served-by
cache-fra19139-FRA
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1654615223.146011,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
get_configuration
api.livechatinc.com/v3.3/customer/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=8166641&version=2421.13.13.6417.77.397.201.29.30.5.14.13&group_id=16&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c28111ddfdf5e6b44ca770b1b8c118fa41254b606d07601d6707a751483bfb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=600
content-length
1590
expires
Tue, 07 Jun 2022 15:30:23 GMT
0849482a-7115-40f8-ae35-d4e896055f07
consumer.krxd.net/consent/get/ 		243 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/0849482a-7115-40f8-ae35-d4e896055f07?idt=device&dt=kxcookie&callback=Krux.ns.medibankprivate.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b2ce49c2e1bbc6d07b51852956c56cfb29c0b618e6dacd8281c5e01e7ebbc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a011-dub-prod.krxd.net, cache-fra19138-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1654615223.166429,VS0,VE29
content-length
193
x-cache-hits
0, 0
0849482a-7115-40f8-ae35-d4e896055f07
consumer.krxd.net/consent/get/ Frame 1001 		228 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/0849482a-7115-40f8-ae35-d4e896055f07?idt=device&dt=kxcookie&callback=Krux.ns.medibankprivate.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b44522a3f7fbf840453a45760d6cc73f65e380dd66fea563daa1b2cadad85a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a009-dub-prod.krxd.net, cache-fra19138-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1654615223.184467,VS0,VE27
content-length
186
x-cache-hits
0, 0
call-tracking_7.js
www.gstatic.com/call-tracking/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 06:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 06:35:27 GMT
/
www.google.com/pagead/1p-user-list/1047207987/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1047207987/?random=1654615223133&cv=9&fst=1654614000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftravel.medibank.com.au%2F&tiba=Medibank%20-%20Get%20a%20quote&async=1&fmt=3&is_vtc=1&random=234264945&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1047207987/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1047207987/?random=1654615223133&cv=9&fst=1654614000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftravel.medibank.com.au%2F&tiba=Medibank%20-%20Get%20a%20quote&async=1&fmt=3&is_vtc=1&random=234264945&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1038557586/wcm?cc=ZZ&dn=134190&cl=UlSXCKzUkYcBEJLDnO8D&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=134190&cl=UlSXCKzUkYcBEJLDnO8D
80 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=134190&cl=UlSXCKzUkYcBEJLDnO8D
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H3
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 15:20:23 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=134190&cl=UlSXCKzUkYcBEJLDnO8D
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://travel.medibank.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
open_chat
secure.livechatinc.com/customer/action/ Frame 5952 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=8166641&group=16&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74c260f86ed695e723b0d2f010ecb330bedcd4c7d2dcffbb9cda590a7222dc7d

Request headers

Referer
https://travel.medibank.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1987
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 15:20:23 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.3/customer/action/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=8166641&version=ff93808ef52c6dd040640c4853b854bd_176c51b86413907eb0417106b69cc48b&language=en&group_id=16&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a7068ee97d6df02dcbf81a6c757a224b0d9d1420e0dde139c140bbeb2d4afeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=600
content-length
3783
expires
Tue, 07 Jun 2022 15:30:23 GMT
css
fonts.googleapis.com/ Frame 5952 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8166641&group=16&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:23:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Jun 2022 15:20:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jun 2022 15:20:23 GMT
0.15fb1a69.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 5952 		208 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8166641&group=16&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
86bJfdBwIYbEsHS0KhR0VEcn3IKNjCyV
content-encoding
br
last-modified
Thu, 14 Apr 2022 10:07:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"e1c5ae761b035e078f16539c7a724199"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 07 Jun 2022 15:20:23 GMT
content-length
65896
x-amz-cf-id
eMZE544gHsLN4HlhhuFh126jcjlSrvgctCsxgNNSiTMMgDVrBLWq9g==
expires
Wed, 07 Jun 2023 15:20:23 GMT
2.cfcaf31c.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 5952 		218 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/2.cfcaf31c.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8166641&group=16&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
brd0wPPM5.aLIcQHuAe6lW.kaBDXniO6
content-encoding
br
last-modified
Thu, 28 Apr 2022 12:44:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"ae006549d13fe0e4c037c6bcad6ec22c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 07 Jun 2022 15:20:23 GMT
content-length
63082
x-amz-cf-id
OEJeBcjRj72tfU2JsctgjqsWjW4iibIfN3B_zkNg44g22Glj59t6qQ==
expires
Wed, 07 Jun 2023 15:20:23 GMT
iframe.97465231.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 5952 		409 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.97465231.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8166641&group=16&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
edae08b4bc872809af49dfdf398aa5f0c1edb1ffdacfbd650462d108e96cdda9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
enbrJIXPMJy5cBPf4DltggZw5B8IiqO3
content-encoding
br
last-modified
Tue, 07 Jun 2022 10:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"b3664128be911a2531cd78221110188f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 07 Jun 2022 15:20:23 GMT
content-length
112178
x-amz-cf-id
O21PaQ9FLOesjuWg57nZgXvXJzQCCYUeHpQpTNcwgPFKiQxywWKKmQ==
expires
Wed, 07 Jun 2023 15:20:23 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 5952 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 17:47:57 GMT
x-content-type-options
nosniff
age
77546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 17:47:57 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 5952 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:22:46 GMT
x-content-type-options
nosniff
age
82657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 16:22:46 GMT
token
accounts.livechatinc.com/customer/ Frame 5952 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.livechatinc.com/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8154c292a456247d78c3b606c4f262243d3b2ac99fef32cc156f39b200220039

Request headers

Referer
https://secure.livechatinc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:24 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
138
expires
Fri, 01 Jan 1990 00:00:00 GMT
phnumint_md_gp.jsp
vxml4.plavxml.com/sited/ref/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vxml4.plavxml.com/sited/ref/phnumint_md_gp.jsp?clib=0&sessid=&m_id=669&cids=86757&gcids=&ref=&orilpg=&extTrkStr=&extTrkAction=&domain=.medibank.com.au&anupd=1&dref=&ref2=https%3A%2F%2Ftravel.medibank.com.au%2F&cachebuster=1654615224074
Requested by
Host: vxml4.plavxml.com
URL: https://vxml4.plavxml.com/sited/ref/ctrk/669-86757
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.45.98.52 Sydney, Australia, ASN4826 (VOCUS-BACKBONE-AS Vocus Connect International Backbone, AU),
Reverse DNS
ip-52.98.45.175.VOCUS.net.au
Software
Apache /
Resource Hash
6ad45887c62450ca2d1eed50c5337b933a0fb8ce75b2a0d642360887d0032da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 15:20:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript;charset=ISO-8859-1
Connection
close
Vary
Accept-Encoding
Content-Length
3932
X-XSS-Protection
1;mode=block
integration.jsp
vxml4.plavxml.com/sited/ref/ 		0
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vxml4.plavxml.com/sited/ref/integration.jsp?sessid=e568f6d6d7b248c2a08a87c336f53691&uacid=2039096479.1654615223
Requested by
Host: vxml4.plavxml.com
URL: https://vxml4.plavxml.com/sited/ref/phnumint_md_gp.jsp?clib=0&sessid=&m_id=669&cids=86757&gcids=&ref=&orilpg=&extTrkStr=&extTrkAction=&domain=.medibank.com.au&anupd=1&dref=&ref2=https%3A%2F%2Ftravel.medibank.com.au%2F&cachebuster=1654615224074
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.45.98.52 Sydney, Australia, ASN4826 (VOCUS-BACKBONE-AS Vocus Connect International Backbone, AU),
Reverse DNS
ip-52.98.45.175.VOCUS.net.au
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 15:20:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Connection
close
Content-Length
0
X-XSS-Protection
1;mode=block
DinRegular.woff
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/fonts/DinRegular/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/fonts/DinRegular/DinRegular.woff
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19313031f4c638e9d3a421230237024ff29a2d50ea0eb414a414e85157e48a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Origin
https://travel.medibank.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
209
x-ah-environment
01live
vary
Accept-Encoding
content-length
13908
x-request-id
v-937d52e0-e074-11ec-836e-7bac3ce682de
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f219bc99205-FRA
expires
Mon, 13 Jun 2022 23:59:43 GMT
icon-phone.svg
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/icon-phone.svg
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6553a0fa0bf123d9f440170fcef70aaed32b27b9baa983fc375ea6e2abb4422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
116
x-ah-environment
01live
content-encoding
br
vary
Accept-Encoding
x-request-id
v-919c0a70-e074-11ec-be2e-7b03beb91252
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
717a5f219bca9205-FRA
expires
Mon, 13 Jun 2022 23:59:40 GMT
question.svg
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/question.svg
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d7bfb74f1dceb0a265283cd59570160b900554010b602dac4588a1f8d5143c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
140
x-ah-environment
01live
content-encoding
br
vary
Accept-Encoding
x-request-id
v-9a6a80a8-e067-11ec-b4eb-37577b55022a
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
717a5f219bcd9205-FRA
expires
Mon, 13 Jun 2022 22:26:51 GMT
frontcalendar.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/ 		332 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/frontcalendar.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed775afe5fbe1ddccf9541a1ff8ae41d9f840e272166a1175bf3a31dd291023e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
139
x-ah-environment
01live
vary
Accept-Encoding
content-length
332
x-request-id
v-1c11a340-e034-11ec-878d-77a3d6895786
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f219bcf9205-FRA
expires
Mon, 13 Jun 2022 16:18:15 GMT
addbutton.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/addbutton.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0fa2ac90d54524957e136bbcba4257d79dbcecb689365d9a937ba7db252460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
149
x-ah-environment
01live
vary
Accept-Encoding
content-length
3546
x-request-id
v-1c0fe442-e034-11ec-aaa0-6b401bab6e7b
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f219bd39205-FRA
expires
Mon, 13 Jun 2022 16:18:15 GMT
select-arrow.svg
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/ 		747 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/select-arrow.svg
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba242b34f968040fee3717849825fd8e4870951e6dcbd5bf92e3bfceac6e3892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
140
x-ah-environment
01live
content-encoding
br
vary
Accept-Encoding
x-request-id
v-1c0e7940-e034-11ec-a636-ffddeb3217b4
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
717a5f219bd79205-FRA
expires
Mon, 13 Jun 2022 16:18:15 GMT
radio-unselected.svg
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/ 		275 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/icons/radio-unselected.svg
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8ea1fe11c29b08a015b17f0b5c31f8d80064f2f445e48ac80a0cbda58ab9db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
140
x-ah-environment
01live
content-encoding
br
vary
Accept-Encoding
x-request-id
v-cc2bcbcc-e064-11ec-91d2-e7dcf44298d5
last-modified
Wed, 06 Jan 2021 13:43:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
717a5f21abdf9205-FRA
expires
Mon, 13 Jun 2022 22:06:46 GMT
medibank-icon.png
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/images/backgrounds/medibank-icon.png
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ce472258444a2a0672181433f997e39f8b5274215a4632374756722011a135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
144
x-ah-environment
01live
vary
Accept-Encoding
content-length
6720
x-request-id
v-1f25cf34-e034-11ec-a618-df6ada6a32ed
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f21abe19205-FRA
expires
Mon, 13 Jun 2022 16:18:20 GMT
DINOTMedium.woff2
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/fonts/DINOTMedium/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/fonts/DINOTMedium/DINOTMedium.woff2
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e10f270db9892f49eba89913b39531becbe5b0b2fec66a7bf1c2dce0eac426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Origin
https://travel.medibank.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:26 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
198
x-ah-environment
01live
vary
Accept-Encoding
content-length
14928
x-request-id
v-1c0e4b0a-e034-11ec-a568-df2ddc1a829c
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f21abe29205-FRA
expires
Mon, 13 Jun 2022 16:18:15 GMT
din_bold-webfont.ttf
travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/fonts/DinBold/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/themes/site/cmap_subtheme/fonts/DinBold/din_bold-webfont.ttf
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c125e9ded037230bcd9ec2459a80bbc612b862f979532f1f9f273c916ed75e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/css/css__Lk1wC5u5oJ2tsf-HuIQUsT_TuhrIgjdmK8oL1aGvdg.css
Origin
https://travel.medibank.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:26 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
157
x-ah-environment
01live
vary
Accept-Encoding
content-length
42872
x-request-id
v-937d5a56-e074-11ec-8dd0-bbbbcf0e3fda
last-modified
Wed, 06 Jan 2021 14:09:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f21abe39205-FRA
expires
Mon, 13 Jun 2022 23:59:43 GMT
medibank_logo.png
travel.medibank.com.au/sites/g/files/xfwnwa186/files/styles/partner_logo/public/2020-09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/styles/partner_logo/public/2020-09/medibank_logo.png?itok=tpOrDUAz
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222fc5cfa2d5af473b67a5a393d724d9f12e65269d17d6e0da9db3931e05e93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:26 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
x-ah-environment
01live
vary
Accept-Encoding
content-length
15112
x-request-id
v-5b282d3c-e675-11ec-9a81-df0613763566
last-modified
Wed, 02 Sep 2020 11:00:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f21bc1b9205-FRA
expires
Tue, 21 Jun 2022 15:20:25 GMT
img-_0000_travel-packing-holiday.jpg
travel.medibank.com.au/sites/g/files/xfwnwa186/files/styles/crop_freeform/public/2020-04/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel.medibank.com.au/sites/g/files/xfwnwa186/files/styles/crop_freeform/public/2020-04/img-_0000_travel-packing-holiday.jpg?itok=qtjBPhCd
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:63f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca9c204b9932959b9ee359f6d0817e6553aec32d437c3f11af82672cf64c81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:25 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
x-ah-environment
01live
vary
Accept-Encoding
content-length
59522
x-request-id
v-5a9df6bc-e675-11ec-bb29-8fc801691442
last-modified
Tue, 07 Apr 2020 14:19:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
717a5f21bc1f9205-FRA
expires
Tue, 21 Jun 2022 15:20:24 GMT
recorder.js
rec.smartlook.com/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.smartlook.com/recorder.js
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
929ece59ac21f73bac659d0edcf4c2587025e8e25932740a13014524b8f12939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 07 Jun 2022 15:20:25 GMT
content-encoding
br
vary
Accept-Encoding
x-77-nzt-ray
jpdk/q4+0H4
x-77-cache
HIT
x-cache
HIT
x-age
197
x-77-nzt
Abk73BAo/fP/xQAAAA
x-accel-expires
@1654615628
last-modified
Thu, 02 Jun 2022 09:05:15 GMT
server
CDN77-Turbo
etag
W/"62987d4b-7df3"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
store.js
platform.cloud-iq.com.au/cartrecovery/ 		1 B
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.cloud-iq.com.au/cartrecovery/store.js?app_id=9774
Requested by
Host: travel.medibank.com.au
URL: https://travel.medibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.0.5 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.0.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
optout_check
beacon.krxd.net/ 		88 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.medibankprivate.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.204.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-204-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4410a2caa657e6798aea0f08c267d2484a79be71322afbce28e6147d70751095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:20:26 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=42 t=1654615226
x-served-by
beacon-n012-dub-prod.krxd.net
content-type
text/javascript
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2012909403&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=6-10%20seconds&el=Medibank%20-%20Get%20a%20quote&_u=aHHAiEABRAAAAG~&jid=&gjid=&cid=2039096479.1654615223&tid=UA-611799-1&_gid=599716205.1654615223&gtm=2wg660W8PZB8M&z=1293386353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 20:04:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2012909403&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=6-10%20seconds&el=Medibank%20-%20Get%20a%20quote&_u=aHHACEABRAAAAG~&jid=&gjid=&cid=2039096479.1654615223&tid=UA-71530115-1&_gid=599716205.1654615223&gtm=2wg660W8PZB8M&z=984312065
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 20:04:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2012909403&t=timing&ni=1&_s=3&dl=https%3A%2F%2Ftravel.medibank.com.au%2F&ul=en-us&de=UTF-8&dt=Medibank%20-%20Get%20a%20quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6437&pdt=6&dns=0&rrt=51&srt=2354&tcp=39&dit=4921&clt=4921&_gst=2653&_gbt=2718&_cst=2493&_cbt=2638&_u=aHHAiEABRAAAAG~&jid=&gjid=&cid=2039096479.1654615223&tid=UA-611799-1&_gid=599716205.1654615223&gtm=2wg660W8PZB8M&z=1933370847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 20:04:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integration.jsp
vxml4.plavxml.com/sited/ref/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delacon_dmp&google_cm&sessid=e568f6d6d7b248c2a08a87c336f53691
  • https://vxml4.plavxml.com/sited/ref/integration.jsp?sessid=e568f6d6d7b248c2a08a87c336f53691&google_gid=CAESEGPsUCUKVRG0AjsoYCaqjqo&google_cver=1
35 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vxml4.plavxml.com/sited/ref/integration.jsp?sessid=e568f6d6d7b248c2a08a87c336f53691&google_gid=CAESEGPsUCUKVRG0AjsoYCaqjqo&google_cver=1
Protocol
HTTP/1.1
Server
175.45.98.52 Sydney, Australia, ASN4826 (VOCUS-BACKBONE-AS Vocus Connect International Backbone, AU),
Reverse DNS
ip-52.98.45.175.VOCUS.net.au
Software
Apache /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.medibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 15:20:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
close
Content-Length
35
X-XSS-Protection
1;mode=block

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 15:20:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://vxml4.plavxml.com/sited/ref/integration.jsp?sessid=e568f6d6d7b248c2a08a87c336f53691&google_gid=CAESEGPsUCUKVRG0AjsoYCaqjqo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer number| settings_timer number| _vwo_settings_timer object| _vwo_code number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWOOmni object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| Krux string| GoogleAnalyticsObject function| ga object| __lc function| fbq function| _fbq function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out boolean| __lc_inited object| LC_API object| gaplugins object| gaGlobal object| gaData function| _UA-611799-1_sendHitTask object| google_optimize function| _UA-71530115-1_sendHitTask function| gtag function| _googWcmImpl string| _googWcmAk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| google_wcc_status function| delaTrackNumberClick object| _delatrkvar string| ucidstr boolean| ucidsent string| extTrkStr string| extTrkAction boolean| extTrkSent string| autoNumberUpdate string| sessidcookieval object| pm object| ddd object| lll object| sss string| refStr string| refStr1 string| cids string| gcids string| orilpg string| refStr2 string| ajflg function| findAndReplaceCallTrackingNumber function| _ctlink function| _dgactlink function| cookieGet function| _getuaidstr function| getDelaconPhoneInfo function| findFragmentsToUpdatePhoneNumber function| updatePhoneNumber function| getExtTrkParameters function| plaPageReload function| callTrackingPhoneNumber function| getTrackingPhoneNumber function| makePhoneCall function| dela_247_call function| dela_fs_call function| dela_maxym_call function| delaGetGlobalVar function| delaMergeCids function| delaTrackingRef function| delaGetOriginalPage function| getRtDomain function| delaGet247Var function| delaGetMaxymizerVar object| dctrk function| to164format function| insprefix string| domainstr string| plaserverpath string| plamid string| pladstr number| placbtimer string| plasessid string| placids object| placidsarray function| chkIfCallMade function| dela_dfa_check function| dela_check function| dela_ua_check boolean| dela_nospantag boolean| dela_event_no_stop object| _gaq number| chkIntervalId boolean| delaconreq number| chkIfCall_Counter function| onOptimizelyCampaignDecidedTriggerDela function| onOptimizelyInitializedTriggerDela function| onOptimizelyActivatedTriggerDela function| onOptimizelyPageActivatedTriggerDela undefined| szktmrid number| szretrycnt undefined| tealiumtmrid number| tealiumretrycnt boolean| plaanupd boolean| mzrqd boolean| opmxrqd boolean| dckrqd string| dclkurl boolean| adbrqd boolean| szkrqd boolean| tealiumrqd boolean| phoneNumUpdateCompleted object| optimizely string| delaconphonenums function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| objectFitImages function| setTravellerName function| setEmcConfirmationMsg function| getUrlVars function| activeMultiPlan function| activeSinglePlan function| addonsErrorScroll function| slickLoad function| $ function| jQuery object| drupalSettings object| Drupal object| tabbable object| Foundation object| CoreUtils object| Box function| onImagesLoaded object| MediaQuery object| Motion object| Nest function| Timer object| Triggers function| Abide function| Accordion function| AccordionMenu function| Drilldown function| Dropdown function| DropdownMenu function| Equalizer function| Interchange function| Magellan function| OffCanvas function| Orbit function| ResponsiveMenu function| ResponsiveToggle function| Reveal function| Slider function| SmoothScroll function| Sticky function| Tabs function| Toggler function| Tooltip function| ResponsiveAccordionTabs object| default object| MotionUI function| cssVars function| Sifter object| MicroPlugin function| Selectize function| moment function| daterangepicker function| Inputmask function| extendDefaults function| extendDefinitions function| extendAliases function| format function| unmask function| isValid function| remove function| setValue function| dependencyLib object| selectizeOption function| smartlook

20 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: a5eb9d87-7cfc-4218-4dbf-de1fa858c61d
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 74f82023d0b4123db9cf1a3034090e33a2d4ba5de6452233f88e4583ad23bded55d1a1a61d282fbd8b0f0cf9b9bebf319ff2b62278884e8576daae686d7a
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: a5eb9d87-7cfc-4218-4dbf-de1fa858c61d
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 74f82023d0b4123db9cf1a3034090e33a2d4ba5de6452233f88e4583ad23bded55d1a1a61d282fbd8b0f0cf9b9bebf319ff2b62278884e8576daae686d7a
.travel.medibank.com.au/ Name: SSESS9c6dec1a3e6a98bba4f52b68efcb9fc1
Value: 6wlraKjsj9qyWq-suRPFgQP%2CRbc4zi6vWyaCyLE03NJXbu2J
.travel.medibank.com.au/ Name: _vwo_uuid_v2
Value: D1259075142AEB65DC7E7C13F8AB4E0AC|ce7813fad5e95b3f185e25ee7dcbec5d
.medibank.com.au/ Name: _gcl_au
Value: 1.1.433758813.1654615223
.medibank.com.au/ Name: _vis_opt_s
Value: 1%7C
.medibank.com.au/ Name: _vis_opt_test_cookie
Value: 1
.medibank.com.au/ Name: _ga
Value: GA1.3.2039096479.1654615223
.medibank.com.au/ Name: _gid
Value: GA1.3.599716205.1654615223
.medibank.com.au/ Name: _dc_gtm_UA-611799-1
Value: 1
.travel.medibank.com.au/ Name: _ga
Value: GA1.4.2039096479.1654615223
.travel.medibank.com.au/ Name: _gid
Value: GA1.4.599716205.1654615223
.travel.medibank.com.au/ Name: _gat_UA-71530115-1
Value: 1
.medibank.com.au/ Name: _fbp
Value: fb.2.1654615223060.1251663879
.krxd.net/ Name: _kuid_
Value: O4lyyL8w
.medibank.com.au/ Name: delaconsessid
Value: e568f6d6d7b248c2a08a87c336f53691
.medibank.com.au/ Name: delaconphonenums
Value: 86757,1300 584 859,true,134 190,au,|
.doubleclick.net/ Name: IDE
Value: AHWqTUlAENt5Exg6E9NJrga63_5f5KgFq8gGQW0zByFRcsfuq_XEK3GNY9tAatVVEPU

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
beacon.krxd.net
cdn.krxd.net
cdn.livechatinc.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
platform.cloud-iq.com.au
rec.smartlook.com
secure.livechatinc.com
stats.g.doubleclick.net
travel.medibank.com.au
vxml4.plavxml.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.185.226
142.250.186.98
151.101.194.133
175.45.98.52
2.16.186.211
23.36.162.25
2606:4700::6812:63f
2a00:1450:4001:800::200e
2a00:1450:4001:803::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a02:6ea0:c700::10
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.255.204.3
34.96.102.137
35.189.0.5
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02d9013227fe1f829d732d48a65845d6e8209d964fe5b31e6164603f0d02f394
0526fbacac4f69153a2717d79975c3f5898f88faf874a2b0211a2368977b6f91
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13613dc77ebfc95d8e657fcfb91f9096282dd3fdf2a2ce3d28b6b38f911eb1d2
19313031f4c638e9d3a421230237024ff29a2d50ea0eb414a414e85157e48a76
1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e
1ee5c517d2cba6d898ee3d4bc63b202e586260888e3d28d37dc32f7b6323602c
222fc5cfa2d5af473b67a5a393d724d9f12e65269d17d6e0da9db3931e05e93d
2431f2676befcb26b9b2881ec4c6199e17d80bb85769b57098d4d9ac868de0c8
2ad4c2b3e85f54dfebca7fa0b37417cd3702f2accbd2eee0b9ddf3bc1073f13c
2c8ea1fe11c29b08a015b17f0b5c31f8d80064f2f445e48ac80a0cbda58ab9db
2f1d110f99e1c5b6de8f60679f654469d0849b4447b000bcf6a8d941b14a2580
327c53faaaa94c4bc54fe45897d85db5d1f23288ef0bda01aadcd2c9670b6dea
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c28111ddfdf5e6b44ca770b1b8c118fa41254b606d07601d6707a751483bfb1
3d7ab1cb1f1dac47256801355e92d1f6c7b018730daeffe4f30cbdf577d9904a
4410a2caa657e6798aea0f08c267d2484a79be71322afbce28e6147d70751095
468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806
47cefdb4021d407ec237bafb2d2ebb74d7d9e17d8d8978b893f06817f777794a
4a7068ee97d6df02dcbf81a6c757a224b0d9d1420e0dde139c140bbeb2d4afeb
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b2ce49c2e1bbc6d07b51852956c56cfb29c0b618e6dacd8281c5e01e7ebbc28
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
576f7d32f586b2a033e0731d1a7c534da76ea0a6fe7b72eab9cb68684fac0d87
5ca9c204b9932959b9ee359f6d0817e6553aec32d437c3f11af82672cf64c81e
5f7f3252bba9e84ccc76f92fcb3fb9dc51b30f2478bfbbfa75325225237e047f
6ad45887c62450ca2d1eed50c5337b933a0fb8ce75b2a0d642360887d0032da0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74c260f86ed695e723b0d2f010ecb330bedcd4c7d2dcffbb9cda590a7222dc7d
7e0fa2ac90d54524957e136bbcba4257d79dbcecb689365d9a937ba7db252460
8154c292a456247d78c3b606c4f262243d3b2ac99fef32cc156f39b200220039
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870a3b56ce7e6fae915464d87f3480b90b3c777be5b9ba34faf94a01308e04d9
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
929ece59ac21f73bac659d0edcf4c2587025e8e25932740a13014524b8f12939
968c3b2efeec9a16bf9807e9d782a7c66d5dc3a1fd3d05b4bdd72f1a89df3508
98ce472258444a2a0672181433f997e39f8b5274215a4632374756722011a135
9be868b95bcca2a0bc7fbea65da439ddfef1e98e1eaeb992fff6b20d91cdcea5
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f0571e990a300c140106dab790d76fa31b28a8965827eacb407c290dee19d9
a8e10f270db9892f49eba89913b39531becbe5b0b2fec66a7bf1c2dce0eac426
a9d7bfb74f1dceb0a265283cd59570160b900554010b602dac4588a1f8d5143c
b44522a3f7fbf840453a45760d6cc73f65e380dd66fea563daa1b2cadad85a61
b81275abd7716feb066ee5614d928ebf3fca743f32aff15d7ed4227f84cdb377
ba242b34f968040fee3717849825fd8e4870951e6dcbd5bf92e3bfceac6e3892
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c6fe877d800ec3265f82ce491b1e55b722c05ebce97760cfcc53536167f064f1
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b75b80fe390765bbba79d438b25a30328cbf806858a322edca956beb4b6e39
e6553a0fa0bf123d9f440170fcef70aaed32b27b9baa983fc375ea6e2abb4422
e83ccc5b8534cfae494d559972047e80598026b7d533a52a86d269f9fc900b85
eb6fbc4fe2354ff5d0e1fbfeb78fe45edab1f9f30d88b60b2278e080457fec6a
ed775afe5fbe1ddccf9541a1ff8ae41d9f840e272166a1175bf3a31dd291023e
edae08b4bc872809af49dfdf398aa5f0c1edb1ffdacfbd650462d108e96cdda9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c125e9ded037230bcd9ec2459a80bbc612b862f979532f1f9f273c916ed75e
fcb935c02e6ee68276b6c7fe1ee21052c4ff4ee86b2208dd98af282f5686bdd8
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df