urlscan.io logo urlscan.io
SecurityTrails logo

www.nib.com.au Open in urlscan Pro
104.16.168.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://223.27.18.121/
Effective URL: https://www.nib.com.au/expat-health
Submission: On August 08 via manual from AU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 44 HTTP transactions. The main IP is 104.16.168.44, located in and belongs to CLOUDFLARENET, US. The main domain is www.nib.com.au.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 28th 2022. Valid for: a year.
This is the only time www.nib.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 223.27.18.121 55803 (HOSTOPIA-...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
10 104.16.168.44 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.96.102.137 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 2 142.250.186.38 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2.18.233.201 16625 (AKAMAI-AS)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:27::... 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 20.120.124.64 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
44 20
1    223.27.18.121 (Australia)

ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU)
PTR: vmx17181.hosting24.com.au
223.27.18.121
1    2606:4700::6811:8b5a (United States)

ASN13335 (CLOUDFLARENET, US)
www.nibglobalhealth.com
10    104.16.168.44 (None, )

ASN13335 (CLOUDFLARENET, US)
www.nib.com.au
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
www.googleadservices.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
8918913.fls.doubleclick.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2620:1ec:27::cafe:1995 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
2    20.120.124.64 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
m.clarity.ms
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
Apex Domain
Subdomains		 Transfer
10 nib.com.au
www.nib.com.au
472 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
m.clarity.ms — Cisco Umbrella Rank: 5494
c.clarity.ms — Cisco Umbrella Rank: 996
26 KB
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 968
4 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 351
c.bing.com — Cisco Umbrella Rank: 195
13 KB
4 doubleclick.net
8918913.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
3 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5596
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 98
1 KB
3 gstatic.com
fonts.gstatic.com
75 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
33 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5182
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
297 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
90 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 nibglobalhealth.com
www.nibglobalhealth.com
578 B
44 16
Domain Requested by
10 www.nib.com.au www.nib.com.au
4 pixel.mathtag.com www.googletagmanager.com
pixel.mathtag.com
www.nib.com.au
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.nib.com.au
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 m.clarity.ms www.clarity.ms
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.google.de www.nib.com.au
2 www.google.com www.nib.com.au
2 connect.facebook.net www.nib.com.au
connect.facebook.net
2 www.google-analytics.com www.nib.com.au
2 8918913.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dev.visualwebsiteoptimizer.com www.nib.com.au
1 c.bing.com 1 redirects
1 adservice.google.de adservice.google.com
1 adservice.google.com 8918913.fls.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.facebook.com www.nib.com.au
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.nib.com.au
1 fonts.googleapis.com www.nib.com.au
1 www.nibglobalhealth.com 1 redirects
44 23

This site contains links to these domains. Also see Links.

Domain
international.axappphealthcare.co.uk
nib.we.com.au
Subject Issuer Validity Valid
nib.com.au
Cloudflare Inc ECC CA-3		 2022-03-28 -
2023-03-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.nib.com.au/expat-health
Frame ID: A4C8274CFE24F705020F3D56E0B6EAD2
Requests: 39 HTTP requests in this frame

Frame: https://8918913.fls.doubleclick.net/activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Frame ID: 3EFB420B963EC3082B78EB9EFDF17D62
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=443a62f0-59a4-4600-927d-901197f641e8&no_iframe=1&mt_adid=157855&source=mathtag
Frame ID: B39A5A54D11BB5490C0CD61663BE5D7A
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Frame ID: 4285870221A27DF7459A4CAAF90BA262
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Frame ID: F7E8052AE5F07B4809A182E4D9A25972
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Expatriate International Health Insurance | nib

Page URL History Show full URLs

  1. http://223.27.18.121/ HTTP 301
    http://www.nibglobalhealth.com/ HTTP 301
    https://www.nib.com.au/expat-health Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

44
Requests

98 %
HTTPS

64 %
IPv6

16
Domains

23
Subdomains

20
IPs

6
Countries

757 kB
Transfer

1471 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://223.27.18.121/ HTTP 301
    http://www.nibglobalhealth.com/ HTTP 301
    https://www.nib.com.au/expat-health Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://8918913.fls.doubleclick.net/activityi;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health HTTP 302
  • https://8918913.fls.doubleclick.net/activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Request Chain 41
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=DB41AD869FF54665BE43861487CD784B&RedC=c.clarity.ms&MXFR=2508498831506E4A02C158723550600E HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=DB41AD869FF54665BE43861487CD784B&MUID=14B5214F3E236DA92EB830B53FF16C7F

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request expat-health
www.nib.com.au/
Redirect Chain
  • http://223.27.18.121/
  • http://www.nibglobalhealth.com/
  • https://www.nib.com.au/expat-health
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabd68aa668305fc1cb1fae0ece84d54161675b5e2d90a2d242aa43f2bc037b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
737427ca1eb3917a-FRA
content-encoding
br
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html
date
Mon, 08 Aug 2022 00:32:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
strict-transport-security
max-age=15768000
x-amz-id-2
8PUtvYYhQJt5ITkVv3/mG976xJte3hfy07NTfuCjhi0SR8QOWM0OoZt84gU+9UWNhLXfOL1vw5Y=
x-amz-request-id
A57KXEV1PSH69TRG
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;

Redirect headers

CF-RAY
737427c9b9755be5-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 08 Aug 2022 00:32:32 GMT
Expires
Mon, 08 Aug 2022 01:32:32 GMT
Location
https://www.nib.com.au/expat-health
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto:300,400,700
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
855614c7bb76fa53501ff0870ea52c074ef81527f01d217c65a12f656703d0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:32:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 00:32:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 00:32:32 GMT
1486dd7a.css
www.nib.com.au/expat-health/styles/ 		95 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nib.com.au/expat-health/styles/1486dd7a.css
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3282afdbe8a58340b74605e3b07ea16b22833c44abe09113be441fa51dbfe8a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
Z1JKZQ2J8YDD14PA
vary
Accept-Encoding
x-amz-id-2
LHhsaRQhkbnl6kn2hEl3WZKSSC7QD1flK0SC1lx15uWMmIGREa/KvXa+kdlgOVEjxdxMlXmtgdo=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1486dd7ae43376a7e683b41d45b19719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
737427cc499e917a-FRA
expires
Mon, 08 Aug 2022 04:32:34 GMT
logo.5092eada.svg
www.nib.com.au/expat-health/files/ 		1 KB
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nib.com.au/expat-health/files/logo.5092eada.svg
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4117b4438897837c60542511c94d1dedc2c6d349ee3929c9e6c0ec3f554738b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4G3VYKT94C89J8
vary
Accept-Encoding
x-amz-id-2
AgVhUctUVBDy5fzBL2ufNvdh0ev/s3Yjw+g88TqPnV6EZFKhOF+f1Bu4h9yVF6Oj7+G3JblZ0LU=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5092eada3b720f0a692054938383d776"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/svg+xml
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
737427d7c9d1917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
heroTablet.7eda2bf0.jpg
www.nib.com.au/expat-health/files/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nib.com.au/expat-health/files/heroTablet.7eda2bf0.jpg
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6050f1202ce653da0d702e45873739186a77ac96f7295d5e32b943f93be0b9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4M0MVRXF8JDJ3C
vary
Accept-Encoding
content-length
140494
x-amz-id-2
2zU4vU5KeplusEB3EnMjPVYHeQsFhVa/ya57WuHCxwE2Psw4KzHVWznxq+3QFk/MSIjXLb/Cd+Q=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7eda2bf01c50a8f8b61d8f52fc25a1fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/jpeg
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
accept-ranges
bytes
cf-ray
737427d7c9d2917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
camp-fire.7ad15573.jpg
www.nib.com.au/expat-health/files/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nib.com.au/expat-health/files/camp-fire.7ad15573.jpg
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b5f45480d4946cec0afbd8f2d233edf6ad88d60d20ae68d8e6e00bf6d7c76b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4NRP84T08T8551
vary
Accept-Encoding
content-length
89207
x-amz-id-2
w5Fe6ONHWxYhLRDVEXgpHa7E99phCOqPgsAzm4JfuYP55//zZuLuLt2R8uBWXMFOEiISeDWFe2s=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7ad155738162b2b0b26e3e2956f53041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/jpeg
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
accept-ranges
bytes
cf-ray
737427d7c9d3917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
travel-bag.cf23830e.svg
www.nib.com.au/expat-health/files/ 		907 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nib.com.au/expat-health/files/travel-bag.cf23830e.svg
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e61e8a3545471f8de2b29500c558bb32e75f911d921ded5c6da7b3393bc1fc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4VGD5H5ZPA50WD
vary
Accept-Encoding
x-amz-id-2
yHN74P/IY8BJ6PuOz6OJ8NUaTYAtfTIKmA4gqkOwBiVzQgU087Mk+GyA7IT5AJT4nx+PTjL08hg=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"cf23830e40c2f6bcf332be214aef60a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/svg+xml
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
737427d7c9d6917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
02ff90be.js
www.nib.com.au/expat-health/scripts/ 		143 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nib.com.au/expat-health/scripts/02ff90be.js
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd49edf2a337109f42820734c3cee662ce1f364ccc4046f0b8a04aa63f13ea7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
Z1JX53AFZRZFP8M6
vary
Accept-Encoding
x-amz-id-2
xw0ZodVhR4XXzerMcbq9kKbeoVgf/GG51PVbm9DV+osLsEtOPuG2x34EeLldqcHn4+DulkyDhAQ=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6c8b76d20e3cff171b85e2d94c72b730"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/javascript
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
737427cd1a56917a-FRA
expires
Mon, 08 Aug 2022 04:32:34 GMT
204ae6df.js
www.nib.com.au/expat-health/scripts/ 		142 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nib.com.au/expat-health/scripts/204ae6df.js
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be29a9ce7cf5abe969aa0e7fce65ae0f1b4989308531945cbd6674437e8b4819
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4Q3AZ3DY0XC25N
vary
Accept-Encoding
x-amz-id-2
yq5lk1Pnby9CkvpDtUdfPrbADzrQFtRTE9bHT32kbp50PLNJV1tixcVZHqc5Fc3jS73wPm/8DHU=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2cb306d119dc0b45ee8ab786e2e2b0bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/javascript
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
cf-ray
737427d7386d917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=215379&url=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&random=0.10732811320036961
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
909b3be101f275433bedd074903181d433fb6a33288fd02d3261cc1d4bcde888

Request headers

Referer
https://www.nib.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 08 Aug 2022 00:32:33 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=215379&d=nib.com.au&u=DAF27F7BBB87F1D4CB25734314203C31B&h=c460133396b350040d4165b8cd3e47a4&r=0.07425489632201154
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:33 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
heroDesktop.7eda2bf0.jpg
www.nib.com.au/expat-health/files/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nib.com.au/expat-health/files/heroDesktop.7eda2bf0.jpg
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health/styles/1486dd7a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6050f1202ce653da0d702e45873739186a77ac96f7295d5e32b943f93be0b9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/expat-health/styles/1486dd7a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4VFHG5M69QRBGM
vary
Accept-Encoding
content-length
140494
x-amz-id-2
Mra0pdH5q6faPRYPdfwa2u1Q8nNI8zAhJ7A6Axvlf0m0WGswNqAwij96cqeJHa2+16agRmIAehQ=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7eda2bf01c50a8f8b61d8f52fc25a1fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/jpeg
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
accept-ranges
bytes
cf-ray
737427d7c9d7917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nib.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:10:25 GMT
x-content-type-options
nosniff
age
523329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:10:25 GMT
nibdings.5896812c.woff
www.nib.com.au/expat-health/files/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nib.com.au/expat-health/files/nibdings.5896812c.woff
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health/styles/1486dd7a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9583dd4eee3ecedf21aec6d5f204a11b9e3dd4abc4a183bcb3222e0f90e2c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://www.nib.com.au/expat-health/styles/1486dd7a.css
Origin
https://www.nib.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
XC4TE3F5GE7KRYCW
vary
Accept-Encoding
content-length
11980
x-amz-id-2
CvlF+Mw87HMZ+tUo4pAQFUcoRxy0CbduuD1AF7Cc6iqO0AImuSvZwcFi6mlvtwNTXq5n+tElzI4=
last-modified
Fri, 12 Jul 2019 01:34:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5896812c679966bbf03fc0262522893f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
font/woff
x-xss-protection
1; mode=block;
cache-control
public, max-age=14400
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
accept-ranges
bytes
cf-ray
737427d7c9d8917a-FRA
expires
Mon, 08 Aug 2022 04:32:35 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nib.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 16:39:45 GMT
x-content-type-options
nosniff
age
546769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:39:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nib.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
537879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 19:07:55 GMT
gtm.js
www.googletagmanager.com/ 		297 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-VQN8
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
273f59294654bbe637c1afc285783d72356194730473fcbfcee1a9751cb92bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91757
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Aug 2022 00:32:36 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-VQN8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Aug 2022 00:32:36 GMT
activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
8918913.fls.doubleclick.net/ Frame 3EFB
Redirect Chain
  • https://8918913.fls.doubleclick.net/activityi;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health?
  • https://8918913.fls.doubleclick.net/activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww....
491 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8918913.fls.doubleclick.net/activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-VQN8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
cf27eb8760e397c3989942f2223be1ecede5b41b433ca9cfa9d53b8c6ba36c35
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:32:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:32:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8918913.fls.doubleclick.net/activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-VQN8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 97C9913AD437407C8742A485B876A78F Ref B: FRAEDGE1210 Ref C: 2022-08-08T00:32:36Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Mon, 08 Aug 2022 00:32:36 GMT
accept-ranges
bytes
content-length
11367
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5436
date
Sun, 07 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 08 Aug 2022 01:02:00 GMT
js
pixel.mathtag.com/event/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1109029&mt_adid=157855&mt_excl=&mt_exem=&s1=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&s2=&s3=Expatriate%20International%20Health%20Insurance%20%7C%20nib&v1=&v2=&v3=&v4=&v5=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-VQN8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4475 c1dc35a master hkg-pixel-x21 config:1.0.0 /
Resource Hash
ad0bd3223e1d61baeaac33a50254bb4e7ec23d18abc3eb1b51c6a73ba122bc24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 00:32:36 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x21 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1485
Expires
Mon, 08 Aug 2022 00:32:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26506
x-xss-protection
0
pragma
public
x-fb-debug
UOJTb/PtqkwX0cIRDemLQHg4+l59U/PWox/BuO01GW1MqxGTe3D0uLMKMKR9Zy3ehsMf/HWumQnl5iOawHscVA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 08 Aug 2022 00:32:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
187879108595624
connect.facebook.net/signals/config/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/187879108595624?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d333a0bd8fd0707aff74469aabdb07ed2d3f453a25213d3de8f3fc1517f3124
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
sLiTiFMhpEmGfKznVwwbYSW3ZQfRybcT+yHC6Cl8ARxFX6LeMbx9gAHmd2q8rGX7/tD+iZLftD9qztPtOQlQ0w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 08 Aug 2022 00:32:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659918756858
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
13005477.js
bat.bing.com/p/action/ 		1 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13005477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00ba56f48a632c50ef7af5fa8d77beb8fdacbf0e7543e9dba32bef701daebd07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED7CD8A3F022441BA62109138FE8644B Ref B: FRAEDGE1210 Ref C: 2022-08-08T00:32:36Z
date
Mon, 08 Aug 2022 00:32:36 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
667
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13005477&tm=gtm002&Ver=2&mid=6f0ee2b4-fe18-4ac4-bd5d-ce3c6687cba6&sid=9a144fc016b111ed882a478548a2075d&vid=9a146e8016b111edaeb481af14a7b9cb&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Expatriate%20International%20Health%20Insurance%20%7C%20nib&p=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&r=&lt=4835&evt=pageLoad&sv=1&rn=577659
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 70267D4373374166917E2786D42B2B50 Ref B: FRAEDGE1210 Ref C: 2022-08-08T00:32:36Z
date
Mon, 08 Aug 2022 00:32:36 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=187879108595624&ev=PageView&dl=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&rl=&if=false&ts=1659918756870&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=28&fbp=fb.2.1659918756869.1384706379&it=1659918756811&coo=false&rqm=GET
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 08 Aug 2022 00:32:36 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065538426/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065538426/?random=1659918756902&cv=9&fst=1659918756902&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&ig=1&data=pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&tiba=Expatriate%20International%20Health%20Insurance%20%7C%20nib&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
479cf8d8507b0a0763ac20b5281646ea20450cd2ad11275170e3a71648cfa0a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2919239-1&cid=1247689266.1659918757&jid=348131255&gjid=1002760793&_gid=1223024477.1659918757&_u=YGBAgEABAAAAAE~&z=1037218597
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nib.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Aug 2022 00:32:36 GMT
content-type
text/plain
access-control-allow-origin
https://www.nib.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=61030658&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&ul=en-us&de=UTF-8&dt=Expatriate%20International%20Health%20Insurance%20%7C%20nib&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=348131255&gjid=1002760793&cid=1247689266.1659918757&tid=UA-2919239-1&_gid=1223024477.1659918757&cd1=4721861659918756771&z=955176307
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Aug 2022 16:23:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29336
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2919239-1&cid=1247689266.1659918757&jid=348131255&_u=YGBAgEABAAAAAE~&z=278633517
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2919239-1&cid=1247689266.1659918757&jid=348131255&_u=YGBAgEABAAAAAE~&z=278633517
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
pixel.mathtag.com/sync/ Frame B39A 		705 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=443a62f0-59a4-4600-927d-901197f641e8&no_iframe=1&mt_adid=157855&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1109029&mt_adid=157855&mt_excl=&mt_exem=&s1=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&s2=&s3=Expatriate%20International%20Health%20Insurance%20%7C%20nib&v1=&v2=&v3=&v4=&v5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4475 c1dc35a master hkg-pixel-x21 config:1.0.0 /
Resource Hash
0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2

Request headers

Referer
https://www.nib.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
705
Content-Type
text/html
Date
Mon, 08 Aug 2022 00:32:37 GMT
Expires
Mon, 08 Aug 2022 00:32:36 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master hkg-pixel-x21 config:1.0.0
img
pixel.mathtag.com/misc/ 		43 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4475 c1dc35a master hkg-pixel-x18 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 00:32:37 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x18 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Aug 2022 00:32:36 GMT
13005477
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/13005477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/13005477.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1995 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e637de232419dad7d937407840ff323f3366568f5d4a46216c8b6af94bc47790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:37 GMT
x-powered-by
ASP.NET
x-azure-ref
0pVnwYgAAAABR90BRWbzmR7C/Q5/U/VxPUEFSMDJFREdFMDYxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
adservice.google.com/ddm/fls/i/ Frame 4285 		490 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Requested by
Host: 8918913.fls.doubleclick.net
URL: https://8918913.fls.doubleclick.net/activityi;dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c31a27be4e5762b0f59a4e35738351928b482a46b601100125217e8db1a8998c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8918913.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:32:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/1065538426/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1065538426/?random=1659918756902&cv=9&fst=1659916800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&data=pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&tiba=Expatriate%20International%20Health%20Insurance%20%7C%20nib&async=1&fmt=3&is_vtc=1&random=1225639694&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1065538426/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1065538426/?random=1659918756902&cv=9&fst=1659916800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&data=pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&tiba=Expatriate%20International%20Health%20Insurance%20%7C%20nib&async=1&fmt=3&is_vtc=1&random=1225639694&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.nib.com.au
URL: https://www.nib.com.au/expat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus-f/s/0.6.37/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-f/s/0.6.37/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/13005477
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1995 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 00:32:37 GMT
content-encoding
br
etag
"1d8aa4ff65ff896"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0pVnwYgAAAAD80APAALyqSbxlzQ0CNeWzUEFSMDJFREdFMDYxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
content-length
23115
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
adservice.google.de/ddm/fls/i/ Frame F7E8 		194 B
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI-C8J7_tfkCFSNJHQkdRmEJdA;src=8918913;type=landi0;cat=expat0;ord=3232324666644;gtm=2wg830;auiddc=1513770367.1659918757;~oref=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 00:32:37 GMT
expires
Mon, 08 Aug 2022 00:32:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
img
pixel.mathtag.com/misc/ Frame B39A 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=443a62f0-59a4-4600-927d-901197f641e8&no_iframe=1&mt_adid=157855&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4475 c1dc35a master hkg-pixel-x2 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=443a62f0-59a4-4600-927d-901197f641e8&no_iframe=1&mt_adid=157855&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 00:32:37 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x2 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Aug 2022 00:32:36 GMT
collect
m.clarity.ms/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f/s/0.6.37/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nib.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.nib.com.au
date
Mon, 08 Aug 2022 00:32:37 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=DB41AD869FF54665BE43861487CD784B&RedC=c.clarity.ms&MXFR=2508498831506E4A02C158723550600E
  • https://c.clarity.ms/c.gif?CtsSyncId=DB41AD869FF54665BE43861487CD784B&MUID=14B5214F3E236DA92EB830B53FF16C7F
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=DB41AD869FF54665BE43861487CD784B&MUID=14B5214F3E236DA92EB830B53FF16C7F
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nib.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
last-modified
Thu, 28 Jul 2022 20:41:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"82531c78c2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 00:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B63FF5F6FA914FEC94DAE85EC9CC7E79 Ref B: FRAEDGE1210 Ref C: 2022-08-08T00:32:37Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=DB41AD869FF54665BE43861487CD784B&MUID=14B5214F3E236DA92EB830B53FF16C7F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
m.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f/s/0.6.37/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nib.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.nib.com.au
date
Mon, 08 Aug 2022 00:32:37 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Modernizr number| _vis_opt_account_id string| _vis_opt_protocol string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| __INITIAL_STATE__ function| vendor object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady object| metas string| vid object| expires string| bucket string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_984c775f45 object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| MtBts function| metric function| clarity

21 Cookies

Domain/Path Name / Value
.nib.com.au/ Name: __cf_bm
Value: bSdjh.9Pu11fNgikmlV47T4J.KJ0M6oWzserFz0_fQU-1659918752-0-AdFLC0vP2q/xjkqSdHPMJ8Ow9hCkizv1SOa7y/vryBpT3hXOeO3LtM7ZSWXtcz/QnOfD9d21r/GBKl/7PfwBiHo=
.nib.com.au/ Name: _vwo_uuid_v2
Value: DAF27F7BBB87F1D4CB25734314203C31B|c460133396b350040d4165b8cd3e47a4
.nib.com.au/ Name: _gcl_au
Value: 1.1.1513770367.1659918757
www.nib.com.au/ Name: nib_vid
Value: 4721861659918756771
.bing.com/ Name: MUID
Value: 14B5214F3E236DA92EB830B53FF16C7F
.nib.com.au/ Name: _uetsid
Value: 9a144fc016b111ed882a478548a2075d
.nib.com.au/ Name: _uetvid
Value: 9a146e8016b111edaeb481af14a7b9cb
.nib.com.au/ Name: _fbp
Value: fb.2.1659918756869.1384706379
.nib.com.au/ Name: _ga
Value: GA1.3.1247689266.1659918757
.nib.com.au/ Name: _gid
Value: GA1.3.1223024477.1659918757
.nib.com.au/ Name: _gat
Value: 1
.mathtag.com/ Name: uuid
Value: 443a62f0-59a4-4600-927d-901197f641e8
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
www.clarity.ms/ Name: CLID
Value: b7012b01e9be489b835233736f58b4be.20220808.20230808
.nib.com.au/ Name: _clck
Value: k1ulxu|1|f3u|0
.c.bing.com/ Name: SRM_B
Value: 14B5214F3E236DA92EB830B53FF16C7F
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 14B5214F3E236DA92EB830B53FF16C7F
.c.clarity.ms/ Name: ANONCHK
Value: 0
.nib.com.au/ Name: _clsk
Value: u0p5ar|1659918757783|1|1|m.clarity.ms/collect

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.nib.com.au/expat-health(Line 4)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=215379&url=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&random=0.10732811320036961, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.nib.com.au/expat-health(Line 4)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=215379&url=https%3A%2F%2Fwww.nib.com.au%2Fexpat-health&random=0.10732811320036961, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8918913.fls.doubleclick.net
adservice.google.com
adservice.google.de
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.clarity.ms
pixel.mathtag.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nib.com.au
www.nibglobalhealth.com
104.16.168.44
142.250.186.38
172.217.16.194
2.18.233.201
20.120.124.64
20.234.93.27
223.27.18.121
2606:4700::6811:8b5a
2620:1ec:27::cafe:1995
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.96.102.137
00ba56f48a632c50ef7af5fa8d77beb8fdacbf0e7543e9dba32bef701daebd07
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
273f59294654bbe637c1afc285783d72356194730473fcbfcee1a9751cb92bb6
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3282afdbe8a58340b74605e3b07ea16b22833c44abe09113be441fa51dbfe8a9
479cf8d8507b0a0763ac20b5281646ea20450cd2ad11275170e3a71648cfa0a4
56b5f45480d4946cec0afbd8f2d233edf6ad88d60d20ae68d8e6e00bf6d7c76b
5d333a0bd8fd0707aff74469aabdb07ed2d3f453a25213d3de8f3fc1517f3124
6cd49edf2a337109f42820734c3cee662ce1f364ccc4046f0b8a04aa63f13ea7
7e61e8a3545471f8de2b29500c558bb32e75f911d921ded5c6da7b3393bc1fc1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855614c7bb76fa53501ff0870ea52c074ef81527f01d217c65a12f656703d0ca
8c6050f1202ce653da0d702e45873739186a77ac96f7295d5e32b943f93be0b9
909b3be101f275433bedd074903181d433fb6a33288fd02d3261cc1d4bcde888
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
ad0bd3223e1d61baeaac33a50254bb4e7ec23d18abc3eb1b51c6a73ba122bc24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
be29a9ce7cf5abe969aa0e7fce65ae0f1b4989308531945cbd6674437e8b4819
c31a27be4e5762b0f59a4e35738351928b482a46b601100125217e8db1a8998c
ce9583dd4eee3ecedf21aec6d5f204a11b9e3dd4abc4a183bcb3222e0f90e2c6
cf27eb8760e397c3989942f2223be1ecede5b41b433ca9cfa9d53b8c6ba36c35
d4117b4438897837c60542511c94d1dedc2c6d349ee3929c9e6c0ec3f554738b
dabd68aa668305fc1cb1fae0ece84d54161675b5e2d90a2d242aa43f2bc037b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e637de232419dad7d937407840ff323f3366568f5d4a46216c8b6af94bc47790
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef