www.medibankclassaction.com.au Open in urlscan Pro
172.67.190.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://medibankclassaction.au/
Effective URL:
https://www.medibankclassaction.com.au/
Submission: On April 21 via api (April 21st 2024, 1:43:36 am UTC) from US — Scanned from AU

Summary HTTP 24 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 172.67.190.80, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.medibankclassaction.com.au.
TLS certificate: Issued by GTS CA 1P5 on February 26th 2024. Valid for: 3 months.

This is the only time www.medibankclassaction.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.212.39 103.224.212.39	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
2	172.67.190.80 172.67.190.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.74.167 172.67.74.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.70.200 142.250.70.200	15169 (GOOGLE) (GOOGLE)
9	142.250.70.187 142.250.70.187	15169 (GOOGLE) (GOOGLE)
4	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
2	142.250.70.206 142.250.70.206	15169 (GOOGLE) (GOOGLE)
24	6

1 103.224.212.39 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: fwd.drop.com.au

medibankclassaction.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.190.80 (United States)

ASN13335 (CLOUDFLARENET, US)

www.medibankclassaction.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.74.167 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.70.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel05s01-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.70.187 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel04s02-in-f27.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

europe-west1-niro-tracking.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.70.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel05s01-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 361	219 KB
5	heyflow.cloud fonts.heyflow.cloud — Cisco Umbrella Rank: 305202	82 KB
4	cloudfunctions.net europe-west1-niro-tracking.cloudfunctions.net	315 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	318 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	162 KB
2	medibankclassaction.com.au www.medibankclassaction.com.au	188 KB
1	medibankclassaction.au 1 redirects medibankclassaction.au	215 B
24	7

	Domain	Requested by
9	storage.googleapis.com	www.medibankclassaction.com.au
5	fonts.heyflow.cloud	www.medibankclassaction.com.au fonts.heyflow.cloud
4	europe-west1-niro-tracking.cloudfunctions.net	www.medibankclassaction.com.au
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.medibankclassaction.com.au www.googletagmanager.com
2	www.medibankclassaction.com.au	www.medibankclassaction.com.au
1	medibankclassaction.au	1 redirects
24	7

This site contains links to these domains. Also see Links.

Domain
bannisterlaw.com.au
www.austlii.edu.au
justice.org.au
www.beyondblue.org.au
www.lifeline.org.au
kidshelpline.com.au
au.reachout.com
headtohealth.gov.au

Subject Issuer	Validity	Valid
www.medibankclassaction.com.au GTS CA 1P5	`2024-02-26` - `2024-05-26`	3 months	crt.sh
heyflow.cloud GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.medibankclassaction.com.au/
Frame ID: 5C46A9175DBFAD22C2A38D786776C95F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medibank Data Breach Investigation | Register Here

Page URL History Show full URLs

http://medibankclassaction.au/ HTTP 307
https://medibankclassaction.au/ HTTP 307
http://medibankclassaction.au/ HTTP 301
https://www.medibankclassaction.com.au/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

652 kB
Transfer

1978 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://bannisterlaw.com.au/

Search URL Search Domain Scan URL

URL: http://www.austlii.edu.au/cgi-bin/viewdoc/au/cases/nsw/NSWSC/2019/1781.html
Title: Evans v Health Administration Corporation [2019] NSWC 1781

Search URL Search Domain Scan URL

URL: https://justice.org.au/
Title: National Justice Project

Search URL Search Domain Scan URL

URL: https://www.beyondblue.org.au/support-service/Email
Title: email

Search URL Search Domain Scan URL

URL: https://www.lifeline.org.au/crisis-chat/
Title: Lifeline’s online chat service

Search URL Search Domain Scan URL

URL: https://kidshelpline.com.au/get-help/webchat-counselling
Title: chat to a web counsellor

Search URL Search Domain Scan URL

URL: https://kidshelpline.com.au/get-help/email-counselling/
Title: email

Search URL Search Domain Scan URL

URL: https://au.reachout.com/
Title: au.reachout.com

Search URL Search Domain Scan URL

URL: https://headtohealth.gov.au/
Title: headtohealth.gov.au

Search URL Search Domain Scan URL

URL: https://bannisterlaw.com.au/disclaimer/
Title: terms and conditions

Search URL Search Domain Scan URL

URL: https://bannisterlaw.com.au/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medibankclassaction.au/ HTTP 307
https://medibankclassaction.au/ HTTP 307
http://medibankclassaction.au/ HTTP 301
https://www.medibankclassaction.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.medibankclassaction.com.au/
Redirect Chain

http://medibankclassaction.au/
https://medibankclassaction.au/
http://medibankclassaction.au/
https://www.medibankclassaction.com.au/

1 MB
187 KB

693ms
669ms

Document
text/html

172.67.190.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medibankclassaction.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 33c424c3b6bc120e7f0879d6785a1891460ecec0ad46da55a6742239bdd5ddea

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8779aee34a085551-SYD
content-encoding: br
content-type: text/html
date: Sun, 21 Apr 2024 01:43:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoy%2F0Pzk6%2FV%2BAJ%2BqUjBVA73Ov1gQRAmOn6SX8YgLqEQE0q7J9Omfj2FDHX5Wd5VwmU%2BXsmcvcsxU0v8Akq00NHF9GnnILzOzyIZMMy3lu3NCcuY7jE9n5nAUP3GrtUQxeAGXQ6jIUX1bd7Bm1XuKOF0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-cloud-trace-context: 86d83ed2ee52a5012b87a6ea3a9f64cb
x-powered-by: Express

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Apr 2024 01:43:25 GMT
Location: https://www.medibankclassaction.com.au
Server: Apache

GET
H2 200 icon
fonts.heyflow.cloud/ 472 B
645 B 377ms
50ms Stylesheet
text/css 172.67.74.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345880
cf-polished: origSize=571
x-powered-by: Express
last-modified: Wed, 17 Apr 2024 01:38:47 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j14aqoLCGCFTUSVdGasUcmjvLp0Eo%2Fsx4ZZ3oKCnMpWZrue%2FLIOSnx1xtpV7VotoRrL0D9Ts%2FWYi9NjkCYH25lStqt2SdYxf9Wzmuhv34qEd6OI3yscOGybK%2BbFdkb45Kk2MNQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 1103ef27fea8ef183d89a5a367a7f824
cache-control: private, max-age=604800
cf-ray: 8779aee99b8ea97d-SYD

GET
H2 200 css
fonts.heyflow.cloud/ 38 KB
2 KB 350ms
25ms Stylesheet
text/css 172.67.74.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d54a7ac96517fceb0ecb9f7a3faac0fe5b4a635607ec69e8dfc951281c20c6d9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 330358
cf-polished: origSize=44426
x-powered-by: Express
last-modified: Wed, 17 Apr 2024 05:57:28 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cd9zEeTKkq3ill6LeXEvRQRDlQHWEGwfgR5gUwas%2Fm8RQ3SCfI5zvAMsEh3zuZsQg%2FlCgpRhEJf0Z7zTXXUC9%2FMANaLKuMEoR2dVOGfA7Dl6b2b0uDJp47TUGkMl2ccDCqPYMXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 58053f6a7b189e4ee5746d6248dd49c3
cache-control: private, max-age=604800
cf-ray: 8779aee99b8aa97d-SYD

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
67 KB 542ms
121ms Script
application/javascript 142.250.70.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNQS68M

Requested by

Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.70.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel05s01-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1aedd9d7631bade0996a3208501592bb93a9b815fd19be0d2f189cf07a985f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68542
x-xss-protection: 0
last-modified: Sun, 21 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Apr 2024 01:43:27 GMT

GET
H2 200 709c71df-118a-4488-bef3-d08766ee54bc.jpeg
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 65 KB
66 KB 4007ms
465ms Image
image/jpeg 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/709c71df-118a-4488-bef3-d08766ee54bc.jpeg
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: fed76d7c8d1e5632649059478504b9bccaa976c7a62f2fd865d6ff6b0656d6e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPqG0EGb_yKfBlq3LOHqmR4ILhlgNVFrwGExTvimJQAiNqwiLuyggj9zG6atpIGnEOw03SQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 07 Nov 2022 05:24:09 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1667798649086092
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=ONhZHg==, md5=2dEdj6gIIKcmOpWJfIO+WA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 59345
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H2 200 ea749bc8-4c35-42fb-9dd2-d587bec1f3f0.jpeg
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 52 KB
52 KB 4038ms
496ms Image
image/jpeg 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ea749bc8-4c35-42fb-9dd2-d587bec1f3f0.jpeg
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 97ffc393c722c8746749daf849572ddfd7716ebe9b2b4b5d38e6876b960fbb5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPqITSY-1L3X2Ly-eto_vKgEci6SqjoZ2uRISXQP38kLKQBDIykJuviTEuPiunQsauiiDz8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 07 Nov 2022 21:03:17 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1667854997378845
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=CtlAuA==, md5=6g9hw2aaa4dh9QyZZ4u79A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 37308
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.heyflow.cloud/s/roboto/v30/ 15 KB
16 KB 341ms
25ms Font
font/woff2 172.67.74.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Origin: https://www.medibankclassaction.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176040
x-powered-by: Express
content-length: 15860
last-modified: Fri, 19 Apr 2024 00:49:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZPp12sPgZmE4A4az92Wy9x2Av7hp3Dw7IkHEPEHmAYVGiOcShhBtEphnFbPcKtsWxTmlqxsa8y%2BcpKW%2FCYCBTvhaIsxlK%2BMOPcLyzc3GnG26XSgYs%2FcwR4hDoGlMe671sRH9zo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: fae64f99c5e0c21c61f5f051aa1e75d8
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8779aeeefd5fa880-SYD

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.heyflow.cloud/s/opensans/v40/ 47 KB
47 KB 348ms
33ms Font
font/woff2 172.67.74.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Origin: https://www.medibankclassaction.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169931
x-powered-by: Express
content-length: 48236
last-modified: Fri, 19 Apr 2024 02:31:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xleSET58w4FeiWTJiwWAlsxuLw2VmKraeviliR5QQDpBYY952aDVJfNY4JfcmGtkiJx9NQur9A0bCQmRcEuQlvho5S2Ej0WvNl6mJ%2BRQ8cDBRS5yZ4WLs4rNksFCQzyItrOh0bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: faf616bb5f41875ee21f3083bd75ea8b
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8779aeeefd61a880-SYD

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.heyflow.cloud/s/roboto/v30/ 15 KB
16 KB 347ms
32ms Font
font/woff2 172.67.74.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Origin: https://www.medibankclassaction.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180929
x-powered-by: Express
content-length: 15744
last-modified: Thu, 18 Apr 2024 23:27:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdpIjfx6aTpaPN9oCieyrZrgWLxJpKnsOiqU8k7y6f%2FNEjWuw9sP0qzHOa4Sv7smst%2BIY9YZwlGlefGjVzd1y5XrxwSGCUle2weiaqyOXtJsaJNS%2BcXPwOgwYQjk%2FA9rfGVaOS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 6c610616b9b11a33a3b06f086bddc333
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8779aeeefd62a880-SYD

GET
H2 200 e0ff27e8-fc1a-429d-918e-eadb6a0521c8.png
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 32 KB
33 KB 3994ms
552ms Image
image/png 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/e0ff27e8-fc1a-429d-918e-eadb6a0521c8.png
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 4f3d4a4f973d6d0065fbe696d51e4551a3da8871889ea5cee903df32af92f0b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPphaPEnNkPlTHE4M3QyUPcBolJDfTDpwJzt7UddwHo1xfSQkD0RcQ7ayaUWyK3X_3MnsYw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 07 Nov 2022 03:46:57 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1667792817422418
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=i554lg==, md5=yKBFTHLS7Pn7z7zpbrbj5A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 30859
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H2 200 ac74a8fa-7c8e-465e-9909-a9f9093c928c.png
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 11 KB
12 KB 3845ms
404ms Image
image/png 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ac74a8fa-7c8e-465e-9909-a9f9093c928c.png
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: a34d2f47bbdd1b27e661c2372abd6c6375a6aa5a743152cccd89e32779ecae0c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPrfv3JCP-WGRwzCgyzYCMlALLLIujzMbm3be2fu3-UcduaNKegsWw9ODUPBBY_YRxvS0oM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 07 Nov 2022 03:47:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1667792831211131
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=LXKGyg==, md5=87d3oraLYQSJu0krXypkPg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 10895
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H2 200 72b0d9e7-c761-455d-90d6-5988f30952db.jpeg
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 11 KB
11 KB 3886ms
445ms Image
image/jpeg 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/72b0d9e7-c761-455d-90d6-5988f30952db.jpeg
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: f00c50fd8483d0a59ef65e19598f878ec23b83b1a911ef5f4dd109f0d949005c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPqw55Fch_KnG3DKEox0nbRUyTSOCvtwzIy1YtEabB4WnhaZt2rDZF27abhqMEf074hJLxA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Fri, 20 Jan 2023 22:58:55 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1674255535596286
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=QMD7wA==, md5=EJDUNZYnKLkDZ1D/UaNtKw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 10457
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H2 200 8eb966fe-3f5e-4e5e-b6b4-dbc4762677d0.png
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 11 KB
11 KB 3923ms
482ms Image
image/png 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/8eb966fe-3f5e-4e5e-b6b4-dbc4762677d0.png
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: a34d2f47bbdd1b27e661c2372abd6c6375a6aa5a743152cccd89e32779ecae0c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPomfzwG1tKqZlNE1D3GToxE_3uA12zd9rtsqq5m2EHNFVXgUPBm0X9hS8jP0ICvzUhSWuI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Sun, 22 Jan 2023 01:51:42 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1674352302741621
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=LXKGyg==, md5=87d3oraLYQSJu0krXypkPg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 10895
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H2 200 5822e4f3-9461-4970-8253-ec8a2fb8005c.png
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 32 KB
33 KB 456ms
456ms Image
image/png 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/5822e4f3-9461-4970-8253-ec8a2fb8005c.png
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 4f3d4a4f973d6d0065fbe696d51e4551a3da8871889ea5cee903df32af92f0b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
x-guploader-uploadid: ABPtcPrkzkxM8VRB-w0pefpr25iweS0wttU-OYr-nd-lZN5Ld6KBPvd7cVOVIfDB-UsSF5Sk3Pw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Sun, 22 Jan 2023 01:50:36 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1674352236261078
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=i554lg==, md5=yKBFTHLS7Pn7z7zpbrbj5A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 30859
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:31 GMT

GET
H3 200 email-decode.min.js Show response
www.medibankclassaction.com.au/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 7ms
6ms Script
application/javascript 172.67.190.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medibankclassaction.com.au/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.190.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661e9d00-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6e8r%2BgmjvMFqmhFbiXEILBWuRJjOQw%2BToE%2FaKRXhM%2BpbbWUY4S4n%2BjLJzUjMUNBbteZXOKO1lm9xfaGdjUX2nAaXJ7MMxiZtQVEoER0TzHsa7zuzeBuIMc5HVS7FiWyiY2dVGIE2piyaT7K204CRMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8779aeed5ff75551-SYD
expires: Tue, 23 Apr 2024 01:43:27 GMT

POST
H2 200 onEvent Show response
europe-west1-niro-tracking.cloudfunctions.net/ 2 B
122 B 393ms
392ms XHR
text/plain 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.medibankclassaction.com.au/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.medibankclassaction.com.au
x-cloud-trace-context: 58bab715b41dcc5411591fcc05e3d741
cache-control: private
function-execution-id: s0ul4t1tf57p
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

OPTIONS
H2 204 onEvent
europe-west1-niro-tracking.cloudfunctions.net/ 0
0 3687ms
291ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.medibankclassaction.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.medibankclassaction.com.au
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 21 Apr 2024 01:43:31 GMT
function-execution-id: s0ulkj7zvrxj
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: e5243ebcbdd770bf91ad3a282d810c48

POST
H2 200 onEvent Show response
europe-west1-niro-tracking.cloudfunctions.net/ 2 B
193 B 370ms
370ms XHR
text/plain 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Requested by: Host: www.medibankclassaction.com.au
URL: https://www.medibankclassaction.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.medibankclassaction.com.au/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:31 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.medibankclassaction.com.au
x-cloud-trace-context: 95fb3552bf899a4c135c5672f9073962;o=1
cache-control: private
function-execution-id: xi2qmv7djqw3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

OPTIONS
H2 204 onEvent
europe-west1-niro-tracking.cloudfunctions.net/ 0
0 3672ms
296ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.medibankclassaction.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.medibankclassaction.com.au
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 21 Apr 2024 01:43:31 GMT
function-execution-id: cb2v0o9qds6n
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: deb34de92096de047cde6fa47ff2e6ec;o=1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 280 KB
95 KB 124ms
123ms Script
application/javascript 142.250.70.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-LJSMJ1F559&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNQS68M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.70.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel05s01-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fe08f12eb47adadd8cbf7000210796e92c00e94bd763576799cc396d501465db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97026
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Apr 2024 01:43:27 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
264 B 525ms
103ms Ping
text/plain 142.250.70.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJSMJ1F559&gtm=45je44h0v896511737z8896505561za200&_p=1713663807025&gcd=13l3l3l3l1&npa=0&dma=0&cid=556690106.1713663811&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=%2F%7Bheyflow%2Fmedibank-class-action&dt=Heyflow%20%E2%80%93%20medibank-class-action&dr=%2Fheyflow%2Fmedibank-class-action&sid=1713663811&sct=1&seg=0&en=heyflow_start&_fv=1&_nsi=1&_ss=1&tfd=5855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-LJSMJ1F559&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel05s01-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 01:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medibankclassaction.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 515ms
103ms Ping
text/plain 142.250.70.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJSMJ1F559&gtm=45je44h0v896511737z8896505561za200&_p=1713663807025&gcd=13l3l3l3l1&npa=0&dma=0&cid=556690106.1713663811&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&dl=%2Fheyflow%2Fmedibank-class-action%2Fstart&dr=%2Fheyflow%2Fmedibank-class-action%2F&dt=Heyflow%20%E2%80%93%20medibank-class-action%20%E2%80%93%20start&sid=1713663811&sct=1&seg=1&en=page_view&_et=3&tfd=5867
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-LJSMJ1F559&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel05s01-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 01:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medibankclassaction.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 43f18f96-ae75-427f-acf8-a3a5e09ba3ad.png
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 2 KB
2 KB 378ms
377ms Other
image/png 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/43f18f96-ae75-427f-acf8-a3a5e09ba3ad.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 06fbb46f8ad413b2b227b5c288f16ec544916a9b357b852d62b03c072a1621fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:32 GMT
x-guploader-uploadid: ABPtcPp4iD7zoTft3rXGLSBsPqxwF_Sp4bBNZ98m6yk90qXVXCanXXguTFB4kMnJFS5TikD5GE4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 07 Nov 2022 09:56:03 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1667814963046262
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Xe134g==, md5=QmHFpbiHA/cjgf48FeQBEw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 1569
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:32 GMT

GET
H2 200 43f18f96-ae75-427f-acf8-a3a5e09ba3ad.png
storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/ 2 KB
12 B 17ms
16ms Other
image/png 142.250.70.187
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/builder.zenflow.de/medibank-class-action/www/assets/43f18f96-ae75-427f-acf8-a3a5e09ba3ad.png
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 142.250.70.187 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mel04s02-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 06fbb46f8ad413b2b227b5c288f16ec544916a9b357b852d62b03c072a1621fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.medibankclassaction.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 01:43:32 GMT
age: 0
x-guploader-uploadid: ABPtcPp4iD7zoTft3rXGLSBsPqxwF_Sp4bBNZ98m6yk90qXVXCanXXguTFB4kMnJFS5TikD5GE4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 07 Nov 2022 09:56:03 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1667814963046262
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Xe134g==, md5=QmHFpbiHA/cjgf48FeQBEw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 1569
accept-ranges: none
expires: Wed, 16 Apr 2025 01:43:32 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.medibankclassaction.com.au/	1970-01-21 05:37:03	Name: _ga Value: GA1.1.556690106.1713663811
			.medibankclassaction.com.au/	1970-01-21 05:37:03	Name: _ga_LJSMJ1F559 Value: GS1.1.1713663811.1.1.1713663811.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

europe-west1-niro-tracking.cloudfunctions.net
fonts.heyflow.cloud
medibankclassaction.au
storage.googleapis.com
www.google-analytics.com
www.googletagmanager.com
www.medibankclassaction.com.au
103.224.212.39
142.250.70.187
142.250.70.200
142.250.70.206
172.67.190.80
172.67.74.167
216.239.36.54
06fbb46f8ad413b2b227b5c288f16ec544916a9b357b852d62b03c072a1621fa
1aedd9d7631bade0996a3208501592bb93a9b815fd19be0d2f189cf07a985f8c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
33c424c3b6bc120e7f0879d6785a1891460ecec0ad46da55a6742239bdd5ddea
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4f3d4a4f973d6d0065fbe696d51e4551a3da8871889ea5cee903df32af92f0b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
97ffc393c722c8746749daf849572ddfd7716ebe9b2b4b5d38e6876b960fbb5d
a34d2f47bbdd1b27e661c2372abd6c6375a6aa5a743152cccd89e32779ecae0c
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d
d54a7ac96517fceb0ecb9f7a3faac0fe5b4a635607ec69e8dfc951281c20c6d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f00c50fd8483d0a59ef65e19598f878ec23b83b1a911ef5f4dd109f0d949005c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe08f12eb47adadd8cbf7000210796e92c00e94bd763576799cc396d501465db
fed76d7c8d1e5632649059478504b9bccaa976c7a62f2fd865d6ff6b0656d6e1

www.medibankclassaction.com.au Open in urlscan Pro 172.67.190.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

6 IPs

2 Countries

652 kBTransfer

1978 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

Indicators

www.medibankclassaction.com.au Open in urlscan Pro
172.67.190.80 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

652 kB
Transfer

1978 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions