www.tsb.co.nz Open in urlscan Pro
2403:4800:2003:4::cb86:559a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tsb.co.nz/
Submission Tags: @phish_report
Submission: On September 03 via api (September 3rd 2024, 11:32:11 pm UTC) from FI — Scanned from NZ

Summary HTTP 78 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 78 HTTP transactions. The main IP is 2403:4800:2003:4::cb86:559a, located in Australia and belongs to VOCUS-RETAIL-AU Vocus Retail, AU. The main domain is www.tsb.co.nz.
TLS certificate: Issued by R11 on July 24th 2024. Valid for: 3 months.

This is the only time www.tsb.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2403:4800:200... 2403:4800:2003:4::cb86:559a	9443 (VOCUS-RET...) (VOCUS-RETAIL-AU Vocus Retail)
36	203.134.79.57 203.134.79.57	9443 (VOCUS-RET...) (VOCUS-RETAIL-AU Vocus Retail)
1	18.67.110.51 18.67.110.51	16509 (AMAZON-02) (AMAZON-02)
1	18.67.110.105 18.67.110.105	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
3	23.77.150.189 23.77.150.189	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:bdf::31 2620:1ec:bdf::31	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.77.150.29 23.77.150.29	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
2	151.101.1.175 151.101.1.175	54113 (FASTLY) (FASTLY)
1	103.237.104.82 103.237.104.82	53580 (MARKETO) (MARKETO)
2	2a03:2880:f11... 2a03:2880:f119:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4006:804::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.24.35 172.217.24.35	15169 (GOOGLE) (GOOGLE)
1 2	142.250.76.102 142.250.76.102	15169 (GOOGLE) (GOOGLE)
8	103.237.104.73 103.237.104.73	53580 (MARKETO) (MARKETO)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
78	21

2 2403:4800:2003:4::cb86:559a (Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)

www.tsb.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 203.134.79.57 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: 57.79.134.203.core.vocus.network

www.tsb.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-51.syd62.r.cloudfront.net

shielded.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-105.syd62.r.cloudfront.net

staticcdn.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:80f::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.77.150.189 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-150-189.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.77.150.29 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-150-29.deploy.static.akamaitechnologies.com

snrtp-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.175 (San Francisco, United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.237.104.82 (United States)

ASN53580 (MARKETO, US)

454-ize-737.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f119:8083:face:b00c:0:25de (Sydney, Australia)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:804::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f3.1e100.net

www.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.76.102 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net

4214544.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.237.104.73 (United States)

ASN53580 (MARKETO, US)

snrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	tsb.co.nz www.tsb.co.nz	351 KB
13	marketo.com snrtp-cdn.marketo.com rtp-static.marketo.com — Cisco Umbrella Rank: 56055 snrtp1.marketo.com	213 KB
4	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 p.clarity.ms Failed c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 252 4214544.fls.doubleclick.net ad.doubleclick.net Failed	979 B
3	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 7396 udc-neb.kampyle.com — Cisco Umbrella Rank: 3965	83 KB
3	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8471	7 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	296 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	773 B
1	google.co.nz www.google.co.nz — Cisco Umbrella Rank: 20621	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 238
1	mktoresp.com 454-ize-737.mktoresp.com	487 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	10 KB
1	staticcdn.co.nz staticcdn.co.nz — Cisco Umbrella Rank: 430861	1 KB
1	shielded.co.nz shielded.co.nz — Cisco Umbrella Rank: 728267	6 KB
78	16

	Domain	Requested by
38	www.tsb.co.nz	www.tsb.co.nz www.googletagmanager.com www.clarity.ms
8	snrtp1.marketo.com	snrtp-cdn.marketo.com rtp-static.marketo.com
4	rtp-static.marketo.com	snrtp-cdn.marketo.com
3	munchkin.marketo.net	www.tsb.co.nz munchkin.marketo.net
3	www.googletagmanager.com	www.tsb.co.nz www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	4214544.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.facebook.com	www.tsb.co.nz
2	nebula-cdn.kampyle.com	www.googletagmanager.com nebula-cdn.kampyle.com
2	connect.facebook.net	www.tsb.co.nz connect.facebook.net
2	www.clarity.ms	www.tsb.co.nz www.clarity.ms
1	udc-neb.kampyle.com
1	c.bing.com	1 redirects
1	www.google.co.nz	www.tsb.co.nz
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	454-ize-737.mktoresp.com	munchkin.marketo.net
1	snrtp-cdn.marketo.com	www.tsb.co.nz
1	unpkg.com	www.tsb.co.nz
1	staticcdn.co.nz	www.tsb.co.nz
1	shielded.co.nz	www.tsb.co.nz
0	p.clarity.ms Failed	www.clarity.ms
0	ad.doubleclick.net Failed	www.tsb.co.nz
78	23

This site contains links to these domains. Also see Links.

Domain
homebank.tsbbank.co.nz
apply.tsb.co.nz
www.facebook.com
www.instagram.com
nz.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.tsb.co.nz R11	`2024-07-24` - `2024-10-22`	3 months	crt.sh
shielded.co.nz Amazon RSA 2048 M02	`2024-08-23` - `2025-09-20`	a year	crt.sh
staticcdn.co.nz Amazon RSA 2048 M02	`2024-08-30` - `2025-09-27`	a year	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-15` - `2025-09-15`	a year	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.co.nz WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.tsb.co.nz/
Frame ID: 583A36D1711D7FC42ED495BB189E305C
Requests: 78 HTTP requests in this frame

Frame: https://4214544.fls.doubleclick.net/activityi;dc_pre=CIbVq7n3p4gDFRsFgwMdBQIDBg;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F
Frame ID: C7694DFC3C8C65B1120F0C598F09BA12
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: F35ECA0872B3BD5627DB72570D7C4E19
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: C1583B87947C0AD65E9138F26A620D94
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The perfect amount of bank | TSB

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

95 %
HTTPS

38 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

1070 kB
Transfer

3358 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://homebank.tsbbank.co.nz/
Title: Log In

Search URL Search Domain Scan URL

URL: https://apply.tsb.co.nz/cip/tsb/p/tsb/onlinehomeloan/application.html
Title: Apply online

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TSBNewZealand/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tsb_nz/

Search URL Search Domain Scan URL

URL: https://nz.linkedin.com/company/tsb_nz

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TSBNewZealand

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://4214544.fls.doubleclick.net/activityi;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F HTTP 302
https://4214544.fls.doubleclick.net/activityi;dc_pre=CIbVq7n3p4gDFRsFgwMdBQIDBg;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F

Request Chain 77

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B4A5DF82EACC4780A0E5646F8564DABF&RedC=c.clarity.ms&MXFR=10699AA6EEE36B1F17A58E49EAE365E3 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B4A5DF82EACC4780A0E5646F8564DABF&MUID=2629B44F348C6B8322AFA0A0351C6A9C

78 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.tsb.co.nz/ 119 KB
19 KB 1080ms
814ms Document
text/html 2403:4800:2003:4::cb86:559a
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2403:4800:2003:4::cb86:559a , Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

Software

Resource Hash

f27e41b578d9b114aaef1174c8291fc2f487adc5c977b4bf59f463f5c76d331c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Alt-Svc: h3=":443"; ma=93600
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Encoding: br
Content-Language: en
Content-Length: 17394
Content-Security-Policy: default-src 'self' 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Sep 2024 23:32:03 GMT
ETag: "1725406323-br"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 03 Sep 2024 23:32:03 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Cookie,Accept-Encoding
X-Amz-Cf-Id: dTL8HXSeoK9HnQbbJSr81PKUWFhrfe4nCux6Px_WkHqOzlFqZ6Q1uA==
X-Amz-Cf-Pop: SYD62-P3
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H/1.1 200
OK A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8...
www.tsb.co.nz/sites/default/files/css/ 250 KB
39 KB 109ms
108ms Stylesheet
text/css 2403:4800:2003:4::cb86:559a
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/sites/default/files/css/A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM+css_BygZZ239nmdlXBeZ0B7rT5Vr0ipuCIlTOCmEr_qvfok.css,,qdelta==1,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM,Mcc.qgO1HN889X.css.pagespeed.cf.MS8_j7Drir.css

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2403:4800:2003:4::cb86:559a , Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

Software

Resource Hash

9d1d52b444c1502f4c23e43b6747412c054ca65157dfe908d599dedff425d626

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 03 Sep 2024 23:32:03 GMT
X-Original-Content-Length: 256022
X-Amz-Cf-Pop: SYD62-P3
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Content-Length: 39746
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 03 Sep 2024 03:24:34 GMT
ETag: W/"0"
Vary: Cookie,Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31463560
X-Amz-Cf-Id: izxRLGar79g2_W1EaehU5YnpJR1QDncEjxMx0BaHiFs4UV5xzJ47Dw==
Expires: Wed, 03 Sep 2025 03:24:43 GMT

GET
H3 200 js_zXHb2_fi6Lu3Ud9-zDEneUSRmOFdnxjr7fY4Fs2Jwb8.js,qscope=header,adelta=0,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhq... Show response
www.tsb.co.nz/sites/default/files/js/ 92 KB
32 KB 303ms
191ms Script
application/javascript 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/sites/default/files/js/js_zXHb2_fi6Lu3Ud9-zDEneUSRmOFdnxjr7fY4Fs2Jwb8.js,qscope=header,adelta=0,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhqrSwop7MgS1qjIkbASnq9F2ubTOvzasDM56qdJMmjtqI-bOJopUf2eroPy_h6jSqNHAT-BE14J.pagespeed.ce.Hy26AaXkjQ.js

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

54c3efbdfca5f0a68b2fe25942ec652c41ae5ce6e07baca2b9f1a895409adfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-original-content-length: 94588
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 32606
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 11:53:53 GMT
etag: W/"0-gzip"
vary: Cookie,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31463452
x-amz-cf-id: EDv-7vcd6mSsavPsFllPF8khIeIVTBdqEgMhZbwBvQ5rVEIrTVAvYQ==
expires: Wed, 03 Sep 2025 03:22:56 GMT

GET
H3 200 logo.svg
www.tsb.co.nz/themes/TSB/ 2 KB
900 B 260ms
148ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/themes/TSB/logo.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

b8710e59c134288dfa22585733639c1e70b133850bf414ee097f9e73eb4d8eee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRiT2ZZUVNkMXVDZGViQ2RXQ0t1UUFBQUJN'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRiT2ZZUVNkMXVDZGViQ2RXQ0t1UUFBQUJN'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRiT2ZZUVNkMXVDZGViQ2RXQ0t1UUFBQUJN'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRiT2ZZUVNkMXVDZGViQ2RXQ0t1UUFBQUJN'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRiT2ZZUVNkMXVDZGViQ2RXQ0t1UUFBQUJN'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRiT2ZZUVNkMXVDZGViQ2RXQ0t1UUFBQUJN'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:03 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 871
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 10:31:17 GMT
etag: W/"763-620bbdbb1bb28"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 4TD5hEQpQWC-CjsWL9aE-GlUD7NnEuvCjyxQygH_5RpCeJrC6EigGg==
expires: Wed, 03 Sep 2025 07:50:48 GMT

GET
H3 200 44x44xphone-cropped_360.png.pagespeed.ic.FLEQNCv2oY.png
www.tsb.co.nz/sites/default/files/menu_icons/ 2 KB
2 KB 728ms
726ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/44x44xphone-cropped_360.png.pagespeed.ic.FLEQNCv2oY.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

5b38685c3ce8b9d7e1bdf8779cd7ac5983028f904dfeccdd350d83c416ba1c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 2349
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 2167
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Aug 2024 21:22:50 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31456644
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/phone-cropped_360.png>; rel="canonical"
x-amz-cf-id: i94TYE-URqxGnxP6KJ5VIhiolkmfm7hMYtRWnV75HSUVWqKsZGwZLg==
expires: Wed, 03 Sep 2025 01:29:28 GMT

GET
H3 200 44x44xmarker-pin-01.png.pagespeed.ic.zrahnGoRhi.png
www.tsb.co.nz/sites/default/files/menu_icons/ 1 KB
2 KB 730ms
727ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/44x44xmarker-pin-01.png.pagespeed.ic.zrahnGoRhi.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

229153c7c6646487031d2e5f8be0ec43a58bb341dcb5417fb0ae480efd4ac162

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 3416
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1532
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 31 Aug 2024 11:22:15 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31463466
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/marker-pin-01.png>; rel="canonical"
x-amz-cf-id: eqaGcG_sIr14wOTUjgJenEnU3BsriZM9vuVqgwipyM-BzEDDoHaTxg==
expires: Wed, 03 Sep 2025 03:23:10 GMT

GET
H3 200 send-cropped_360.png.pagespeed.ce.5QoYwDWBj9.png
www.tsb.co.nz/sites/default/files/menu_icons/ 2 KB
2 KB 579ms
576ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/send-cropped_360.png.pagespeed.ce.5QoYwDWBj9.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

6d85c6b6712f50bf6b61aeb1d96103d99903abb4d3fdba53ccf96552d9f86fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 1652
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1652
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Jun 2023 21:45:34 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31442959
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/send-cropped_360.png>; rel="canonical"
x-amz-cf-id: fzstTmbYlH76wl36uW2ZH1MR6Dkt7SKfDdOD--gulhNM8FAld1ibKQ==
expires: Tue, 02 Sep 2025 21:41:23 GMT

GET
H3 200 Homepage-transparent.webp
www.tsb.co.nz/sites/default/files/styles/home_hero_large_1x/public/2023-06/ 18 KB
18 KB 283ms
171ms Image
image/webp 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/styles/home_hero_large_1x/public/2023-06/Homepage-transparent.webp?itok=lOPxUY1-

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e9b29db4f9339b5c9320c9dc1a64c95d0b099c3529514803addc148ec8774b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Tue, 03 Sep 2024 23:32:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 19136
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 18854
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
etag: W/"PSA-aj-UPvd9KIQUj"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=0, no-cache, no-store
x-amz-cf-id: mzs-afYXWh-9ZH1BkhC-_veBiQWWZfA8myDWTtt30Y83xKRfiVOD8Q==
quic-version: 0x00000001

GET
H3 200 ApplyPay-now-at-TSB.webp
www.tsb.co.nz/sites/default/files/styles/image_cta_desktop_1x/public/2024-08/ 7 KB
7 KB 336ms
336ms Image
image/webp 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/styles/image_cta_desktop_1x/public/2024-08/ApplyPay-now-at-TSB.webp?h=94a077d4&itok=wiOdVOc4

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

a2df8a1ea57ff1a48259665a5aae51c21df18d91406f0a3e3623afb26c60c31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Tue, 03 Sep 2024 23:32:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 7416
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 7322
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
etag: W/"PSA-aj-34gZ9OeJlY"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=0, no-cache, no-store
x-amz-cf-id: p650uMk9iQPqrikpe4qMKx-Vxz4cxtlNUlg4xe9s0VMqg0ReGXCdbw==
quic-version: 0x00000001

GET
H3 200 Splayed_credit_cards_DF2305161%20WEB%20-%20Website%20refresh%20project%20images%201224x918px%20R02-Audi%20%282%29_1.webp
www.tsb.co.nz/sites/default/files/styles/image_cta_desktop_1x/public/2023-07/ 9 KB
9 KB 278ms
277ms Image
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/styles/image_cta_desktop_1x/public/2023-07/Splayed_credit_cards_DF2305161%20WEB%20-%20Website%20refresh%20project%20images%201224x918px%20R02-Audi%20%282%29_1.webp?h=94a077d4&itok=WKQCQTiZ

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

6acd54f2994ad7633ebed65bf2bf2349922118b715731763482a6cb2f802bf18

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlQS1lWHBtRE4xeno4MWVQOHdoQUFBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlQS1lWHBtRE4xeno4MWVQOHdoQUFBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlQS1lWHBtRE4xeno4MWVQOHdoQUFBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRlQS1lWHBtRE4xeno4MWVQOHdoQUFBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlQS1lWHBtRE4xeno4MWVQOHdoQUFBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlQS1lWHBtRE4xeno4MWVQOHdoQUFBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 9686
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 Sep 2024 06:03:32 GMT
etag: "25d6-62130d132c480"
x-frame-options: SAMEORIGIN
vary: Cookie
cache-control: max-age=31528913
accept-ranges: bytes
x-amz-cf-id: 9-0YzKFb6ir60XrDW--27OYiiSwliYlNxWzdbci2JCFhLsJWB81T5A==
expires: Wed, 03 Sep 2025 21:33:57 GMT

GET
H3 200 xTSB-card-control.png.webp,qitok=itPKiWa2.pagespeed.ic.lc-QTU6_g1.webp
www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/ 5 KB
5 KB 195ms
194ms Image
image/webp 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/xTSB-card-control.png.webp,qitok=itPKiWa2.pagespeed.ic.lc-QTU6_g1.webp

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

0c91d9180a4fbd8d7a81f954632dfcc5570720d01ff2be2f3cd3f899e1d65677

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 5320
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 5222
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 01 Sep 2024 18:45:05 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31456192
link: <https://www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/TSB-card-control.png.webp?itok=itPKiWa2>; rel="canonical"
x-amz-cf-id: AeLJ0ULoHoz1AveICmCB1snZg7SNfR7LRdsKvpYWeWjaKGcADTVKnA==
expires: Wed, 03 Sep 2025 01:21:56 GMT

GET
H3 200 xChubb-Insurance.png.webp,qitok=DPhNUIiZ.pagespeed.ic.r_d9XGaysi.webp
www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/ 55 KB
55 KB 729ms
727ms Image
image/webp 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/xChubb-Insurance.png.webp,qitok=DPhNUIiZ.pagespeed.ic.r_d9XGaysi.webp

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e79b999464b8a504fef7e85f011be9ccdbd7442d324d6d6af8dbba5bb590a0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 56580
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 55848
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 02 Sep 2024 23:38:35 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31464521
link: <https://www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/Chubb-Insurance.png.webp?itok=DPhNUIiZ>; rel="canonical"
x-amz-cf-id: aW0ZjgBCxFVwY8w7IC97z6glK5xSYWBCNS3iRk8HlEuWUAwMNQadJA==
expires: Wed, 03 Sep 2025 03:40:45 GMT

GET
H3 200 xTSB-stay-safe-from-cyber-crime.png.webp,qitok=8hofcVoQ.pagespeed.ic.enr7ONJ7IC.webp
www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/ 14 KB
14 KB 579ms
577ms Image
image/webp 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/xTSB-stay-safe-from-cyber-crime.png.webp,qitok=8hofcVoQ.pagespeed.ic.enr7ONJ7IC.webp

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

0c82a95daa5ef40bf810ade32aad3a375ed14df6966ea1bd65520d6a85029975

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 14844
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 14204
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 01 Sep 2024 19:16:25 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31456353
link: <https://www.tsb.co.nz/sites/default/files/styles/webp/public/2024-08/TSB-stay-safe-from-cyber-crime.png.webp?itok=8hofcVoQ>; rel="canonical"
x-amz-cf-id: UcMrTzFh3LDfmESXnUY-t4Hy4PI1ht-HDX25nSgbNtCeQfIzU1s9mQ==
expires: Wed, 03 Sep 2025 01:24:37 GMT

GET
H3 200 44x44xlogo-fb.png.pagespeed.ic.Ionhj6-_zy.png
www.tsb.co.nz/sites/default/files/menu_icons/ 838 B
873 B 882ms
880ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/44x44xlogo-fb.png.pagespeed.ic.Ionhj6-_zy.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

9e056e574bfbca2ce3ec6cb73b68750db9bd29d91c3471add8b8db217f78a275

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 1967
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 838
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 01 Sep 2024 10:00:46 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31462740
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/logo-fb.png>; rel="canonical"
x-amz-cf-id: X-rRhIwJxlR-A8GYYpASbAlvBrLI5ts2BWWzbwbpZU1eNlIct-_ttg==
expires: Wed, 03 Sep 2025 03:11:04 GMT

GET
H3 200 44x44xlogo-ig.png.pagespeed.ic.keeuOmrj0q.png
www.tsb.co.nz/sites/default/files/menu_icons/ 1 KB
1 KB 882ms
880ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/44x44xlogo-ig.png.pagespeed.ic.keeuOmrj0q.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

79caa592cde5bfd0a417bf66926410d967a5334c9f0d1990671456e5bd4f5ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 3284
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1172
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Aug 2024 03:46:57 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31535352
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/logo-ig.png>; rel="canonical"
x-amz-cf-id: pUgLMMXlEGTTJiXxQNK6vmhLFuHvS-QlWBMpUkuCL-Ltmk9fHrc3HQ==
expires: Wed, 03 Sep 2025 23:21:16 GMT

GET
H3 200 44x44xlogo-ln.png.pagespeed.ic.pn2yfO5xMn.png
www.tsb.co.nz/sites/default/files/menu_icons/ 911 B
945 B 882ms
880ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/44x44xlogo-ln.png.pagespeed.ic.pn2yfO5xMn.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

00e23df10377c1a86b7e881fd0e8e209b08c89a0fd3a9437d3e56d6087398f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 2135
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 911
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 29 Aug 2024 21:33:11 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31535047
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/logo-ln.png>; rel="canonical"
x-amz-cf-id: e2WP8USwzvBiQIJrVJTo0qemOsEs6MeVdNCHLj3adw9lHoq8haiHlA==
expires: Wed, 03 Sep 2025 23:16:11 GMT

GET
H3 200 44x44xlogo-yt.png.pagespeed.ic.jqV-2ZATyE.png
www.tsb.co.nz/sites/default/files/menu_icons/ 1017 B
1 KB 882ms
881ms Image
image/png 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/menu_icons/44x44xlogo-yt.png.pagespeed.ic.jqV-2ZATyE.png

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

5a33562cad9eb06c691cb48e26df44406a7eab40b986d508d0927d70d77dd0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 03 Sep 2024 23:32:04 GMT
x-content-type-options: nosniff
x-original-content-length: 2300
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1017
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 29 Aug 2024 21:33:11 GMT
etag: W/"0"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31456630
link: <https://www.tsb.co.nz/sites/default/files/menu_icons/logo-yt.png>; rel="canonical"
x-amz-cf-id: ao9Mf2sHNuTuleEY5KqvpqM6anbQCDSqneRGmC8zq4OAyqvVkzCoUg==
expires: Wed, 03 Sep 2025 01:29:14 GMT

GET
H2 200 custom-logo.png
shielded.co.nz/img/ 5 KB
6 KB 208ms
68ms Image
image/png 18.67.110.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shielded.co.nz/img/custom-logo.png
Requested by: Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-51.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4589441ac97df1033c946f3403b0199cfb05e8ba3e406e21013d1af6965dd06a

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:28:00 GMT
via: 1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront)
last-modified: Sun, 18 Aug 2024 23:43:34 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 54245
x-amz-server-side-encryption: AES256
etag: "2f18dfdc1b2bd0a11ee9f61d44043a91"
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5432
x-amz-cf-id: 3dZChZVcPw6aymnkoYNnV7kE3djBI4_ahN9YlAEmF2YL5Wa1fmGoKw==

GET
H2 200 embed.js Show response
staticcdn.co.nz/embed/ 2 KB
1 KB 206ms
66ms Script
application/javascript 18.67.110.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staticcdn.co.nz/embed/embed.js
Requested by: Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a8996a4866b94877454218ae2202c8d1ac982a1a7d4870b07820d1b88fd576a

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: NaB52IBAvuJ49tFzlqzcmR789FA.blOC
content-encoding: br
via: 1.1 f3405208f368b682f8c8a96590ab1596.cloudfront.net (CloudFront)
date: Tue, 03 Sep 2024 08:28:00 GMT
last-modified: Sun, 18 Aug 2024 23:16:04 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 54245
x-amz-server-side-encryption: AES256
etag: W/"a1c190aa2496322a03d0e1a782b5f5f5"
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, public
x-amz-cf-id: 8WnnXN0bQ8WKQt8fijRor8K1iojAV9jF0YcEvNd7QGvOxUevNaJSrA==

GET
H3 200 js_O5H1FEGhTszFqn8qgxi6dJLbg5wYmeAvKE2AS9eqZ64.js,qscope=footer,adelta=0,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhq... Show response
www.tsb.co.nz/sites/default/files/js/ 158 KB
42 KB 538ms
536ms Script
application/javascript 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/sites/default/files/js/js_O5H1FEGhTszFqn8qgxi6dJLbg5wYmeAvKE2AS9eqZ64.js,qscope=footer,adelta=0,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhqrSwop7MgS1qjIkbASnq9F2ubTOvzasDM56qdJMmjtqI-bOJopUf2eroPy_h6jSqNHAT-BE14J.pagespeed.ce.yUwXvse6_K.js

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

1af1da6717bf645b3f5b8af41f16f7a149f0bf11e817492a2b3f711f50a6bef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-original-content-length: 161838
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 43166
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 29 Aug 2024 01:50:52 GMT
etag: W/"0-gzip"
vary: Cookie,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31463273
x-amz-cf-id: 52TjMFvcdxt54Bw3_lLdx6uogIJcjF6qhtn4t2me7KhY4Pl2aqvj7A==
expires: Wed, 03 Sep 2025 03:19:57 GMT

GET
H2 200 popper.min.js Show response
unpkg.com/@popperjs/core@2.11.8/dist/umd/ 20 KB
10 KB 148ms
75ms Script
application/javascript 2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 23:32:04 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10473214
last-modified: Fri, 26 May 2023 17:27:16 GMT
fly-request-id: 01HX4ZN5KAD01M4H9QPFJAKR7Z-syd
server: cloudflare
etag: "4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bd9897659bd50ae-AKL

GET
H3 200 js_A7PiLUJY9f__2yDcQR6N8Z1OxRbelk2M465IoQkqJM8.js,qscope=footer,adelta=2,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhq... Show response
www.tsb.co.nz/sites/default/files/js/ 8 KB
2 KB 656ms
653ms Script
application/javascript 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/sites/default/files/js/js_A7PiLUJY9f__2yDcQR6N8Z1OxRbelk2M465IoQkqJM8.js,qscope=footer,adelta=2,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhqrSwop7MgS1qjIkbASnq9F2ubTOvzasDM56qdJMmjtqI-bOJopUf2eroPy_h6jSqNHAT-BE14J.pagespeed.ce.jeb9tqdAtJ.js

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

4c0e86b58a95d6cc42324dc9f51d082538b49b3762b4b210accb9b190a58443b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-original-content-length: 8294
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 2457
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 12:14:54 GMT
etag: W/"0-gzip"
vary: Cookie,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31520637
x-amz-cf-id: hIXFARTzBT9uBZ_j_3z-mbisRoSroG719rZ4Vkg0kmit8yMLXPmVgA==
expires: Wed, 03 Sep 2025 19:16:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
112 KB 673ms
275ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8RN5F7

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32bfeaf402f2f470f6aa3eb5397418b0a29f3ff51d10c8303933f3c516c5b1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 23:32:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113921
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 22:55:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Sep 2024 23:32:04 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 424ms
155ms Script
application/x-javascript 23.77.150.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js?aid=tsbco
Requested by: Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.189 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-189.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H3 200 2e11868c8988e285301c.woff2
www.tsb.co.nz/themes/TSB/dist/ 18 KB
18 KB 554ms
553ms Font
application/font-woff2 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/themes/TSB/dist/2e11868c8988e285301c.woff2

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/sites/default/files/css/A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM+css_BygZZ239nmdlXBeZ0B7rT5Vr0ipuCIlTOCmEr_qvfok.css,,qdelta==1,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM,Mcc.qgO1HN889X.css.pagespeed.cf.MS8_j7Drir.css

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRQbUlPUWdCTlZpNDVYVzBldVdKZ0FBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRQbUlPUWdCTlZpNDVYVzBldVdKZ0FBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRQbUlPUWdCTlZpNDVYVzBldVdKZ0FBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/sites/default/files/css/A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM+css_BygZZ239nmdlXBeZ0B7rT5Vr0ipuCIlTOCmEr_qvfok.css,,qdelta==1,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM,Mcc.qgO1HN889X.css.pagespeed.cf.MS8_j7Drir.css
Origin: https://www.tsb.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRQbUlPUWdCTlZpNDVYVzBldVdKZ0FBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRQbUlPUWdCTlZpNDVYVzBldVdKZ0FBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRQbUlPUWdCTlZpNDVYVzBldVdKZ0FBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 18664
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 10:35:05 GMT
etag: "48e8-620bbe952e0b3"
x-frame-options: SAMEORIGIN
vary: Cookie,accept-encoding
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: h4uZ8E6fl6Cw38ZUCqJntfUUdJLTBnEZH9nG3aLejxkNf3lqJ6gpYg==
expires: Wed, 03 Sep 2025 01:57:48 GMT

GET
DATA 200
OK truncated
/ 504 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba2e65e6de11b597587bdb304a49174e41a23ccd9bf20e7dec7fca7d07ffb439

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 18b322a60320289ab2b8.woff2
www.tsb.co.nz/themes/TSB/dist/ 18 KB
18 KB 562ms
561ms Font
application/font-woff2 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/themes/TSB/dist/18b322a60320289ab2b8.woff2

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRaVy13ME9yWktJNEV1UkNFS19SQUFBQUJF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRaVy13ME9yWktJNEV1UkNFS19SQUFBQUJF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRaVy13ME9yWktJNEV1UkNFS19SQUFBQUJF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/sites/default/files/css/A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM+css_BygZZ239nmdlXBeZ0B7rT5Vr0ipuCIlTOCmEr_qvfok.css,,qdelta==1,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM,Mcc.qgO1HN889X.css.pagespeed.cf.MS8_j7Drir.css
Origin: https://www.tsb.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRaVy13ME9yWktJNEV1UkNFS19SQUFBQUJF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRaVy13ME9yWktJNEV1UkNFS19SQUFBQUJF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRaVy13ME9yWktJNEV1UkNFS19SQUFBQUJF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 18628
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 10:35:05 GMT
etag: "48c4-620bbe952e0b3"
x-frame-options: SAMEORIGIN
vary: Cookie,accept-encoding
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MpN35LPQ-PL1u1z_9kqpSDnB2qkFiiEnSewLnTXXhzh59AAa70jzjA==
expires: Wed, 03 Sep 2025 00:23:23 GMT

GET
H3 200 33c6485cbb8a07c48900.woff2
www.tsb.co.nz/themes/TSB/dist/ 18 KB
18 KB 574ms
573ms Font
application/font-woff2 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/themes/TSB/dist/33c6485cbb8a07c48900.woff2

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRhdXlOUHl0d2Z0OHlUTTRlcFdpZ0FBQUFj'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRhdXlOUHl0d2Z0OHlUTTRlcFdpZ0FBQUFj'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRhdXlOUHl0d2Z0OHlUTTRlcFdpZ0FBQUFj'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/sites/default/files/css/A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM+css_BygZZ239nmdlXBeZ0B7rT5Vr0ipuCIlTOCmEr_qvfok.css,,qdelta==1,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM,Mcc.qgO1HN889X.css.pagespeed.cf.MS8_j7Drir.css
Origin: https://www.tsb.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRhdXlOUHl0d2Z0OHlUTTRlcFdpZ0FBQUFj'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRhdXlOUHl0d2Z0OHlUTTRlcFdpZ0FBQUFj'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRhdXlOUHl0d2Z0OHlUTTRlcFdpZ0FBQUFj'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 18628
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 10:35:05 GMT
etag: "48c4-620bbe952e0b3"
x-frame-options: SAMEORIGIN
vary: Cookie,accept-encoding
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OIlv3CFsVQoVrptmi5d8LV8dQ94pF9Z2spFBL0eYvK8Idfb1k2q7Lg==
expires: Wed, 03 Sep 2025 02:49:08 GMT

GET
H3 200 50c16efb37ef13080c94.woff2
www.tsb.co.nz/themes/TSB/dist/ 18 KB
18 KB 600ms
600ms Font
application/font-woff2 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/themes/TSB/dist/50c16efb37ef13080c94.woff2

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRaYkdkTUxlRTc5Rm9qdEJCVTQ3UUFBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRaYkdkTUxlRTc5Rm9qdEJCVTQ3UUFBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRaYkdkTUxlRTc5Rm9qdEJCVTQ3UUFBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/sites/default/files/css/A.css_sMsR2RcmDsLB9okt2MV6kb3pePXV2JfAzhcEzWhebi8.css,,qdelta==0,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM+css_BygZZ239nmdlXBeZ0B7rT5Vr0ipuCIlTOCmEr_qvfok.css,,qdelta==1,,alanguage==en,,atheme==TSB,,ainclude==eJxFjMEJwzAMABdyox2yQvsPciwcgSIZSaak0xdKIa877nFxRdIJFYPK67ne0sUqyiPyEtZednMCNT9R-ENloGN3HEdA8zlQlrssU8eswnFQK2kmyQP-_K3VGpXgpDc32lDIE1g5v4tHNYM,Mcc.qgO1HN889X.css.pagespeed.cf.MS8_j7Drir.css
Origin: https://www.tsb.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRaYkdkTUxlRTc5Rm9qdEJCVTQ3UUFBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRaYkdkTUxlRTc5Rm9qdEJCVTQ3UUFBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRaYkdkTUxlRTc5Rm9qdEJCVTQ3UUFBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 18232
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 10:35:05 GMT
etag: "4738-620bbe952e0b3"
x-frame-options: SAMEORIGIN
vary: Cookie,accept-encoding
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kqJSroop0ZroOvHkoDl7fK913H4JgVCw04rR9fxu9numoBP5p_SXaw==
expires: Wed, 03 Sep 2025 07:50:49 GMT

GET
H3 200 icon-whats_new_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 869 B
909 B 837ms
837ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/icon-whats_new_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

86e6459d734e4861ef736467ab64fc8b433923d940fd39271fd923ae2c34f9b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRacEoxWDl4SjFRMDlHc2EzNlFVZ0FBQUFv'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRacEoxWDl4SjFRMDlHc2EzNlFVZ0FBQUFv'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRacEoxWDl4SjFRMDlHc2EzNlFVZ0FBQUFv'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRacEoxWDl4SjFRMDlHc2EzNlFVZ0FBQUFv'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRacEoxWDl4SjFRMDlHc2EzNlFVZ0FBQUFv'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRacEoxWDl4SjFRMDlHc2EzNlFVZ0FBQUFv'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 869
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:25 GMT
etag: "365-6090055dea6e8"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YxqWFzFUvWW4JaJ6mTxl8HzFQgvIa1kpCuXg5CC3jkSK1CJTgmfK_Q==
expires: Wed, 03 Sep 2025 01:40:55 GMT

GET
H3 200 icon-products_services_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 3 KB
1 KB 838ms
837ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/icon-products_services_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

414277d359e2c453607104f2495ac2af09fa15c2ccaf2e485d3933e5727f348d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRabGFvMkpmWEl0aV85SzNLd1ZPd0FBQUFz'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRabGFvMkpmWEl0aV85SzNLd1ZPd0FBQUFz'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRabGFvMkpmWEl0aV85SzNLd1ZPd0FBQUFz'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRabGFvMkpmWEl0aV85SzNLd1ZPd0FBQUFz'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRabGFvMkpmWEl0aV85SzNLd1ZPd0FBQUFz'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRabGFvMkpmWEl0aV85SzNLd1ZPd0FBQUFz'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1079
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:29 GMT
etag: W/"aa1-6090056170498"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: kpLgVAi-IQ_E8ueKQZfyOEDp0Sl7gurercMrC93EWyBGrxrPMkOecw==
expires: Wed, 03 Sep 2025 01:24:58 GMT

GET
H3 200 icon-rates_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 3 KB
1 KB 839ms
837ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/icon-rates_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e2fed2719e47f4428f31b5f6d8584ed8b6848f9b3586644e070749341806344e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRhOXhIM053ZEJWSERaTXRXZ0d5QUFBQUFN'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRhOXhIM053ZEJWSERaTXRXZ0d5QUFBQUFN'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRhOXhIM053ZEJWSERaTXRXZ0d5QUFBQUFN'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRhOXhIM053ZEJWSERaTXRXZ0d5QUFBQUFN'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRhOXhIM053ZEJWSERaTXRXZ0d5QUFBQUFN'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRhOXhIM053ZEJWSERaTXRXZ0d5QUFBQUFN'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1348
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:30 GMT
etag: W/"d11-60900562fc488"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: pr8C8b-WU0ZZ6maSKOqIMrnXVdNUih1bP0o4KN-CNxmKO9mEFF3j5g==
expires: Wed, 03 Sep 2025 07:41:56 GMT

GET
H3 200 icon-apply_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 3 KB
1 KB 838ms
837ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/icon-apply_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e5c2dd00df7892f31ac96aa60a9b2b2b28f90400fb38ffea648f1c9ba73769bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRjd1VSdDFxT29HdEJBLURDVnBDd0FBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRjd1VSdDFxT29HdEJBLURDVnBDd0FBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRjd1VSdDFxT29HdEJBLURDVnBDd0FBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRjd1VSdDFxT29HdEJBLURDVnBDd0FBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRjd1VSdDFxT29HdEJBLURDVnBDd0FBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRjd1VSdDFxT29HdEJBLURDVnBDd0FBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1207
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:32 GMT
etag: W/"aa0-609005643b218"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: Dd8hnecc-znrgxw6QuykviReElvOMUBSGv9JAPbgMyHtIT-ktpjWsw==
expires: Wed, 03 Sep 2025 15:50:41 GMT

GET
H3 200 icon-calculators_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 4 KB
1 KB 947ms
946ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/icon-calculators_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

bedfc97fc67ea23fe97336f8c0032203f1b08f889e0ee6bb3d8a2ff3da4f8baa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRabVU1UFk2TmJsOXgxb0ZQY2EtZ0FBQUJJ'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRabVU1UFk2TmJsOXgxb0ZQY2EtZ0FBQUJJ'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRabVU1UFk2TmJsOXgxb0ZQY2EtZ0FBQUJJ'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRabVU1UFk2TmJsOXgxb0ZQY2EtZ0FBQUJJ'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRabVU1UFk2TmJsOXgxb0ZQY2EtZ0FBQUJJ'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRabVU1UFk2TmJsOXgxb0ZQY2EtZ0FBQUJJ'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 1156
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:33 GMT
etag: W/"ef3-609005650a680"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: tJHwuwXWH0a45ejoWFnYz4YxClOVp8OnZlmPkhRcWp4pqWunozZogQ==
expires: Wed, 03 Sep 2025 01:28:51 GMT

GET
H3 200 icon-help_support_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 4 KB
2 KB 947ms
946ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/icon-help_support_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

b8666c40390e333bbbef6b67ce910ed6fc73c7b7c4476f48b3be06fbe2198a2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRVU1B1b3pINmdEWFhyRXA0NE9Ud0FBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRVU1B1b3pINmdEWFhyRXA0NE9Ud0FBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRVU1B1b3pINmdEWFhyRXA0NE9Ud0FBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRVU1B1b3pINmdEWFhyRXA0NE9Ud0FBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRVU1B1b3pINmdEWFhyRXA0NE9Ud0FBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRVU1B1b3pINmdEWFhyRXA0NE9Ud0FBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:04 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 2172
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:33 GMT
etag: W/"11ae-60900565895c0"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: jUCbwDvuLhKb8ekwE9PI9Yc63b-kkoEaKcZxfee7mFijFD_vD61qAQ==
expires: Tue, 02 Sep 2025 01:17:50 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 156ms
155ms Script
application/x-javascript 23.77.150.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/sites/default/files/js/js_O5H1FEGhTszFqn8qgxi6dJLbg5wYmeAvKE2AS9eqZ64.js,qscope=footer,adelta=0,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhqrSwop7MgS1qjIkbASnq9F2ubTOvzasDM56qdJMmjtqI-bOJopUf2eroPy_h6jSqNHAT-BE14J.pagespeed.ce.yUwXvse6_K.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.189 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-189.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H3 200 load Show response
www.tsb.co.nz/sitewide_alert/ 21 B
60 B 444ms
444ms Fetch
application/json 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/sitewide_alert/load

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/sites/default/files/js/js_A7PiLUJY9f__2yDcQR6N8Z1OxRbelk2M465IoQkqJM8.js,qscope=footer,adelta=2,alanguage=en,atheme=TSB,ainclude=eJyNi0EOwjAQAz8Umj_wBbhHabKA6TYbEreov0eIXrj1ZMszvl7O_q42Rj311FDZHfsY5tgmofl5KekxofyNWaraFhqrSwop7MgS1qjIkbASnq9F2ubTOvzasDM56qdJMmjtqI-bOJopUf2eroPy_h6jSqNHAT-BE14J.pagespeed.ce.jeb9tqdAtJ.js

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2NWdHRmbHlVWWJhN1dLNHBwQUFBQUFr'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2NWdHRmbHlVWWJhN1dLNHBwQUFBQUFr'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2NWdHRmbHlVWWJhN1dLNHBwQUFBQUFr'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-WnRlY2NWdHRmbHlVWWJhN1dLNHBwQUFBQUFr'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2NWdHRmbHlVWWJhN1dLNHBwQUFBQUFr'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2NWdHRmbHlVWWJhN1dLNHBwQUFBQUFr'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
date: Tue, 03 Sep 2024 23:32:05 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 25
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: application/json
content-language: en
cache-control: max-age=15, public, s-maxage=15
x-amz-cf-id: wUnOV1xugfTKQGISciBAhK4k75DvdpABPZzPOZq9o6tNwTcP14e39A==
quic-version: 0x00000001

GET
H3 200 active_icon-whats_new_05102023.svg
www.tsb.co.nz/sites/default/files/svg_images/ 883 B
924 B 433ms
433ms Image
image/svg+xml 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsb.co.nz/sites/default/files/svg_images/active_icon-whats_new_05102023.svg

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

09d3c01af7d1b64385f5aea38b33807177f382f8dc3ce411548e1beb6523263e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRaam1jTFpDOEFvWXdFZWN0ZUdld0FBQUFB'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRaam1jTFpDOEFvWXdFZWN0ZUdld0FBQUFB'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRaam1jTFpDOEFvWXdFZWN0ZUdld0FBQUFB'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRaam1jTFpDOEFvWXdFZWN0ZUdld0FBQUFB'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRaam1jTFpDOEFvWXdFZWN0ZUdld0FBQUFB'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRaam1jTFpDOEFvWXdFZWN0ZUdld0FBQUFB'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:05 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 883
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 10:08:25 GMT
etag: "373-6090055dff6d8"
x-frame-options: SAMEORIGIN
vary: Cookie,Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ou8NAIuA94TL4W37F1Vh7TkiTIyQ12ZtCFfsO1EKtmRYbZt5AfU22g==
expires: Wed, 03 Sep 2025 01:17:13 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 156ms
156ms Script
application/x-javascript 23.77.150.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js?aid=tsbco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.189 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-189.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 12 Dec 2024 23:32:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 354 KB
107 KB 276ms
275ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VRLX9EH3CJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8RN5F7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad712e613b52d57d048c978707e614d7ca0349736be941733aafab4770a9afa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 23:32:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Sep 2024 23:32:05 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 353ms
353ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-4214544&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8RN5F7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eed2a93625f65152807f2de063360761b5c07c7792c13071a62ff84c8df726a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 23:32:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78926
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 22:55:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Sep 2024 23:32:05 GMT

POST
H3 204 csp-report
www.tsb.co.nz/ 0
32 B 258ms
257ms Other
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/csp-report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8RN5F7

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2RmVHZpcFlhdkg4akNDLU5fQUFBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RmVHZpcFlhdkg4akNDLU5fQUFBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RmVHZpcFlhdkg4akNDLU5fQUFBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

quic-version: 0x00000001
content-security-policy: default-src 'self' 'nonce-WnRlY2RmVHZpcFlhdkg4akNDLU5fQUFBQUFn'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RmVHZpcFlhdkg4akNDLU5fQUFBQUFn'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RmVHZpcFlhdkg4akNDLU5fQUFBQUFn'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Tue, 03 Sep 2024 23:32:05 GMT
x-amz-cf-pop: SYD62-P3
vary: x-aws-env-psk,Cookie
x-frame-options: SAMEORIGIN
content-language: en
cache-control: must-revalidate, no-cache, private
alt-svc: h3=":443"; ma=93600
x-amz-cf-id: hTC1KcHNYyJlBAqXlYp0w0lGy_qZDpgqHrY4JYfOfMPN9cp52U4KDQ==
x-xss-protection: 0
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 g99432jddf Show response
www.clarity.ms/tag/ 688 B
1 KB 327ms
224ms Script
application/x-javascript 2620:1ec:bdf::31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/g99432jddf?ref=gtm2
Requested by: Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 510ecafeb02c61c2879abef47858100e36fef86b0c1962dbb7b9337cfd95ea30

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date: Tue, 03 Sep 2024 23:32:05 GMT
x-azure-ref: 20240903T233205Z-r17dfb6c698vsbs6g29qvv36en0000000qs000000000g9hy
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 688
expires: -1

GET
H/1.1 200
OK rtp.js Show response
snrtp-cdn.marketo.com/rtp-api/v1/ 152 KB
42 KB 484ms
167ms Script
application/x-javascript 23.77.150.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.77.150.29 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-77-150-29.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3e3dee05a65cbc73efd4dde6ab68ddfcf623cef6d983adadfbab83ef86a571a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Date: Tue, 03 Sep 2024 23:32:05 GMT
Last-Modified: Sat, 24 Aug 2024 01:47:05 GMT
Server: Jetty(9.4.45.v20220203)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=72
Connection: keep-alive
Content-Length: 42641

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 135ms
67ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Sep 2024 23:32:05 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4287, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: lBtDQ3GRgR9TQEnu46vrL0S7F58GZUxX/x8JWBssmw/CRVr1OpxjMP+lKIHh3IHmjbN0S1AWZfB0djPzan8O6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wau/210973/onsite/ 1 KB
966 B 203ms
66ms Script
application/javascript 151.101.1.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/wau/210973/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8RN5F7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ec4b6051cb614a8091bd9f5d116d2e8b741159dbfe569e06eba730a3fae7e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Tx6rxhisXFvoGMypcyJSuR0Ucv19Iirw
content-encoding: gzip
via: 1.1 varnish
date: Tue, 03 Sep 2024 23:32:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 1GJ8G8KT9JETDAZH
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 520
x-amz-id-2: bvjNiqWi4zoatOEfGa7Tz3Xp9SL9CLtlRXZV6GWGmoRB52b+FFn7SQrPqoxstr3g1vBRvqs1V+0=
x-served-by: cache-syd10181-SYD
last-modified: Wed, 28 Aug 2024 08:29:04 GMT
server: AmazonS3
x-timer: S1725406325.385973,VS0,VE0
etag: "7a794dfc3449133275a1682322437ba8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 9

POST
H/1.1 200
OK visitWebPage
454-ize-737.mktoresp.com/webevents/ 2 B
487 B 1347ms
80ms Ping
text/plain 103.237.104.82
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://454-ize-737.mktoresp.com/webevents/visitWebPage?_mchNc=1725406325219&_mchCn=&_mchId=454-IZE-737&_mchTk=_mch-tsb.co.nz-1725406325218-59851&_mchHo=www.tsb.co.nz&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.237.104.82 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 9371a7d3-2010-4aa5-8b16-2d1a6f9b07a5

GET
H3 200 344603409212329 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 66ms
66ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/344603409212329?v=2.9.166&r=stable&domain=www.tsb.co.nz&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

4b466aab4e8e67fc4a456707ba55c18938b6667be439c828c428d7070e603f76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Sep 2024 23:32:05 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14057
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=74, mss=1232, tbw=66895, tp=62, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: wHpoMZeEFHSvfWtR2hqEmHwkv78TeCZXtiaD3VHLba3bgGsOirECibWB5z35DMe9L6g4S0SowOaQglAKSDEkfw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 612ms
203ms Image
text/plain 2a03:2880:f119:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=344603409212329&ev=PageView&dl=https%3A%2F%2Fwww.tsb.co.nz&rl=&if=false&ts=1725406325509&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.2.1725406325507.591965760737389193&pm=1&hrl=d27df4&ler=empty&cdl=API_unavailable&it=1725406325426&coo=false&cs_cc=1&cas=7623493194367735%2C2088552654520035%2C1901459769885203&rqm=GET

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: MODERATE; q=0.3, rtt=200, rtx=0, c=10, mss=1368, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Sep 2024 23:32:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 876ms
468ms Image
image/png 2a03:2880:f119:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=344603409212329&ev=PageView&dl=https%3A%2F%2Fwww.tsb.co.nz&rl=&if=false&ts=1725406325509&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.2.1725406325507.591965760737389193&pm=1&hrl=d27df4&ler=empty&cdl=API_unavailable&it=1725406325426&coo=false&cs_cc=1&cas=7623493194367735%2C2088552654520035%2C1901459769885203&rqm=FGET

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 03 Sep 2024 23:32:06 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410563743718953393", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: MODERATE; q=0.3, rtt=201, rtx=0, c=10, mss=1368, tbw=3093, tp=-1, tpl=-1, uplat=265, ullat=0
pragma: no-cache
x-fb-debug: W5foniY1xeC62wiBlgqLJ6Sv/MiCeyxPAdngmcWnATF/H756n0T+t236XEmjUjnM/doMSr0a/VJtfTbcnfEKIg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410563743718953393"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 72ms
72ms Script
application/javascript 2620:1ec:bdf::31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/g99432jddf?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 23:32:05 GMT
content-encoding: br
last-modified: Sun, 01 Sep 2024 12:45:29 GMT
etag: W/"0x8DCCA83F5A7F4DF"
vary: Accept-Encoding
x-azure-ref: 20240903T233205Z-r17dfb6c698vsbs6g29qvv36en0000000qs000000000g9k6
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: dd48e281-901e-0009-18ee-fc6b08000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H2 204 collect
analytics.google.com/g/ 0
0 644ms
246ms Fetch
text/plain 2404:6800:4006:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VRLX9EH3CJ&gtm=45je4930v879078468z89111675971za200zb9111675971&_p=1725406323914&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1854330343.1725406326&ul=en-nz&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1725406325&sct=1&seg=0&dl=https%3A%2F%2Fwww.tsb.co.nz%2F&dt=The%20perfect%20amount%20of%20bank%20%7C%20TSB&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3102
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRLX9EH3CJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:804::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2024 23:32:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tsb.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 459ms
150ms Ping
text/plain 2404:6800:4003:c05::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRLX9EH3CJ&cid=1854330343.1725406326&gtm=45je4930v879078468z89111675971za200zb9111675971&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRLX9EH3CJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2024 23:32:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tsb.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.nz/ads/ 42 B
63 B 329ms
167ms Image
image/gif 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRLX9EH3CJ&cid=1854330343.1725406326&gtm=45je4930v879078468z89111675971za200zb9111675971&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1209686361

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2024 23:32:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csp-report
www.tsb.co.nz/ 0
32 B 249ms
248ms Other
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/csp-report

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2RXUGVHaTZBenZVc1VsSlNNQUFBQUFB'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RXUGVHaTZBenZVc1VsSlNNQUFBQUFB'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RXUGVHaTZBenZVc1VsSlNNQUFBQUFB'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

quic-version: 0x00000001
content-security-policy: default-src 'self' 'nonce-WnRlY2RXUGVHaTZBenZVc1VsSlNNQUFBQUFB'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RXUGVHaTZBenZVc1VsSlNNQUFBQUFB'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RXUGVHaTZBenZVc1VsSlNNQUFBQUFB'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
x-amz-cf-pop: SYD62-P3
vary: x-aws-env-psk,Cookie
x-frame-options: SAMEORIGIN
content-language: en
cache-control: must-revalidate, no-cache, private
alt-svc: h3=":443"; ma=93600
x-amz-cf-id: 8x8HAsVIwK2HF-FQKCKbag9f_VO-QtNrzI3P-nsCO8ZZuUFEpgu67g==
x-xss-protection: 0
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2

200

activityi;dc_pre=CIbVq7n3p4gDFRsFgwMdBQIDBg;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
4214544.fls.doubleclick.net/ Frame C769
Redirect Chain

https://4214544.fls.doubleclick.net/activityi;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
https://4214544.fls.doubleclick.net/activityi;dc_pre=CIbVq7n3p4gDFRsFgwMdBQIDBg;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;ua...

0
0

169ms
167ms

Document
text/html

142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4214544.fls.doubleclick.net/activityi;dc_pre=CIbVq7n3p4gDFRsFgwMdBQIDBg;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4214544&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 346
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
expires: Tue, 03 Sep 2024 23:32:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4214544.fls.doubleclick.net/activityi;dc_pre=CIbVq7n3p4gDFRsFgwMdBQIDBg;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csp-report
www.tsb.co.nz/ 0
33 B 199ms
198ms Other
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/csp-report

Requested by

Host: www.tsb.co.nz
URL: https://www.tsb.co.nz/

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2RVLVl1NW81TDk5d1p6bU1ZZ0FBQUJj'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RVLVl1NW81TDk5d1p6bU1ZZ0FBQUJj'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RVLVl1NW81TDk5d1p6bU1ZZ0FBQUJj'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

quic-version: 0x00000001
content-security-policy: default-src 'self' 'nonce-WnRlY2RVLVl1NW81TDk5d1p6bU1ZZ0FBQUJj'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RVLVl1NW81TDk5d1p6bU1ZZ0FBQUJj'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RVLVl1NW81TDk5d1p6bU1ZZ0FBQUJj'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
x-amz-cf-pop: SYD62-P3
vary: x-aws-env-psk,Cookie
x-frame-options: SAMEORIGIN
content-language: en
cache-control: must-revalidate, no-cache, private
alt-svc: h3=":443"; ma=93600
x-amz-cf-id: OpDuDcBuXw21tvXBPOmfekmYtFC2YNKDuW8MTSioZxBF5znRqYzNWg==
x-xss-protection: 0
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET activity;register_conversion=1;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 0
0

GET
DATA 200
OK truncated
/ Frame F35E 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F35E 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/3.7.0/ 85 KB
30 KB 478ms
163ms Script
application/x-javascript 23.77.150.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/3.7.0/jquery.min.js
Requested by: Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.29 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-29.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Jun 2023 14:58:35 GMT
Server: AkamaiNetStorage
ETag: "e6c2415c0ace414e5153670314ce99a9:1685718127.441272"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 30386

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 23 KB
4 KB 467ms
153ms Stylesheet
text/css 23.77.150.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.29 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-29.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 05:08:51 GMT
Server: AkamaiNetStorage
ETag: "c89c0f4cc3c0f0f2bd846508a3cd504c:1715749730.923559"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3762

GET
H/1.1 200
OK trw Show response
snrtp1.marketo.com/gw1/ 0
466 B 384ms
70ms Script
application/x-javascript 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/trw?aid=tsbco&trwv.uid=tsbco-1725406325927-c0685bd1&trwv.vc=1&trwsa.sid=tsbco-1725406325928-468d0270&trwsb.cpv=1&ctzo=+12:00&uri=https%3A%2F%2Fwww.tsb.co.nz%2F&ma=id%3A454-IZE-737%26token%3A_mch-tsb.co.nz-1725406325218-59851&pm=2273,2274,2275,2276,2277,2278&viewedTypes=&rts=1725406325929

Requested by

Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK trw Show response
snrtp1.marketo.com/gw1/ 0
466 B 382ms
71ms Script
application/x-javascript 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/trw?aid=tsbco&trwv.uid=tsbco-1725406325927-c0685bd1&trwv.vc=1&trwsa.sid=tsbco-1725406325928-468d0270&trwsb.cpv=2&ctzo=+12:00&uri=https%3A%2F%2Fwww.tsb.co.nz%2F&ma=id%3A454-IZE-737%26token%3A_mch-tsb.co.nz-1725406325218-59851&pm=2273,2274,2275,2276,2277,2278&viewedTypes=&rts=1725406325930

Requested by

Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.5.js Show response
rtp-static.marketo.com/rtp/libs/ 18 KB
6 KB 466ms
156ms Script
application/x-javascript 23.77.150.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by: Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.29 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-29.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 08:00:53 GMT
Server: AkamaiNetStorage
ETag: "18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5654

GET
DATA 200
OK truncated
/ Frame C158 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C158 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 csp-report
www.tsb.co.nz/ 0
33 B 170ms
169ms Other
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/csp-report

Requested by

Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2RqNFBSVVlINU1sTDB3MC0td0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RqNFBSVVlINU1sTDB3MC0td0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RqNFBSVVlINU1sTDB3MC0td0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

quic-version: 0x00000001
content-security-policy: default-src 'self' 'nonce-WnRlY2RqNFBSVVlINU1sTDB3MC0td0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RqNFBSVVlINU1sTDB3MC0td0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RqNFBSVVlINU1sTDB3MC0td0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
x-amz-cf-pop: SYD62-P3
vary: x-aws-env-psk,Cookie
x-frame-options: SAMEORIGIN
content-language: en
cache-control: must-revalidate, no-cache, private
alt-svc: h3=":443"; ma=93600
x-amz-cf-id: G5Od3_9NVlTwhWDUIURchSGTkOe0sY23c4-JgN5yNdAvMfeeGymG5A==
x-xss-protection: 0
expires: Sun, 19 Nov 1978 05:00:00 GMT

POST collect
p.clarity.ms/ 0
0

POST
H3 204 csp-report
www.tsb.co.nz/ 0
35 B 171ms
170ms Other
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/csp-report

Requested by

Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2Rzb0FVeW9pNzV0Y1hxaFNEd0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2Rzb0FVeW9pNzV0Y1hxaFNEd0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2Rzb0FVeW9pNzV0Y1hxaFNEd0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

quic-version: 0x00000001
content-security-policy: default-src 'self' 'nonce-WnRlY2Rzb0FVeW9pNzV0Y1hxaFNEd0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2Rzb0FVeW9pNzV0Y1hxaFNEd0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2Rzb0FVeW9pNzV0Y1hxaFNEd0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
x-amz-cf-pop: SYD62-P3
vary: x-aws-env-psk,Cookie
x-frame-options: SAMEORIGIN
content-language: en
cache-control: must-revalidate, no-cache, private
alt-svc: h3=":443"; ma=93600
x-amz-cf-id: 3L4Dw_MCRnhlQtjMckgxkjj-pQIBLW0lyxCeeAp6WTDrdGrpslrszQ==
x-xss-protection: 0
expires: Sun, 19 Nov 1978 05:00:00 GMT

POST collect
p.clarity.ms/ 0
0

POST
H3 204 csp-report
www.tsb.co.nz/ 0
35 B 193ms
192ms Other
text/plain 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/csp-report

Requested by

Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2RuRGZwdmViNWluTUh0dk9hUUFBQUFV'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RuRGZwdmViNWluTUh0dk9hUUFBQUFV'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RuRGZwdmViNWluTUh0dk9hUUFBQUFV'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

quic-version: 0x00000001
content-security-policy: default-src 'self' 'nonce-WnRlY2RuRGZwdmViNWluTUh0dk9hUUFBQUFV'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2RuRGZwdmViNWluTUh0dk9hUUFBQUFV'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2RuRGZwdmViNWluTUh0dk9hUUFBQUFV'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Tue, 03 Sep 2024 23:32:06 GMT
x-amz-cf-pop: SYD62-P3
vary: x-aws-env-psk,Cookie
x-frame-options: SAMEORIGIN
content-language: en
cache-control: must-revalidate, no-cache, private
alt-svc: h3=":443"; ma=93600
x-amz-cf-id: pgTcjaqfts7sasVgI_T5ZOBIyq2cLRYa8nKiTC0bEkHDSBOGhN9rBQ==
x-xss-protection: 0
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK msg Show response
snrtp1.marketo.com/gw1/ 0
457 B 334ms
71ms Script
text/javascript 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/msg?a=2&sid=tsbco-1725406325928-468d0270&aid=tsbco&ma=id%3A454-IZE-737%26token%3A_mch-tsb.co.nz-1725406325218-59851&viewedTypes=&0.4267915613388953&rts=1725406325980

Requested by

Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK msg Show response
snrtp1.marketo.com/gw1/ 0
457 B 341ms
75ms Script
text/javascript 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/msg?a=2&sid=tsbco-1725406325928-468d0270&aid=tsbco&ma=id%3A454-IZE-737%26token%3A_mch-tsb.co.nz-1725406325218-59851&viewedTypes=&0.7168133098292928&rts=1725406325981

Requested by

Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK msg Show response
snrtp1.marketo.com/gw1/ 0
457 B 205ms
73ms Script
text/javascript 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/msg?a=2&sid=tsbco-1725406325928-468d0270&aid=tsbco&ma=id%3A454-IZE-737%26token%3A_mch-tsb.co.nz-1725406325218-59851&viewedTypes=&0.20810770221171349&rts=1725406326313

Requested by

Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK msg Show response
snrtp1.marketo.com/gw1/ 0
457 B 206ms
74ms Script
text/javascript 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/msg?a=2&sid=tsbco-1725406325928-468d0270&aid=tsbco&ma=id%3A454-IZE-737%26token%3A_mch-tsb.co.nz-1725406325218-59851&viewedTypes=&0.4853171105394618&rts=1725406326315

Requested by

Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/ 522 KB
126 KB 198ms
198ms Script
application/x-javascript 23.77.150.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/jquery-custom-ui.min.js
Requested by: Host: snrtp-cdn.marketo.com
URL: https://snrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=tsbco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.150.29 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-150-29.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jun 2023 11:54:52 GMT
Server: AkamaiNetStorage
ETag: "85c4e68263c6de164e4bad3fb60222a5:1685620750.615377"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 generic1724833743586.js Show response
nebula-cdn.kampyle.com/au/wau/210973/onsite/ 359 KB
82 KB 66ms
65ms Script
application/javascript 151.101.1.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/au/wau/210973/onsite/generic1724833743586.js

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wau/210973/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf9cbd57e982cfb1f39e141c1e3caab91e22c38a398bfccc51ea1aacdc15f791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jZ3LcKd4HqcbhHFYvZhrTuovC2TyXc7c
content-encoding: gzip
via: 1.1 varnish
date: Tue, 03 Sep 2024 23:32:07 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 66228CQ5G120X3WG
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 83169
x-amz-id-2: B4zlFgLHTlJnjGcE8oYq5YuEaWJXRPst/eTdp466jomH/4vBiDDUbPAV6kw4KIQ4UGB55VnMo6Y=
x-served-by: cache-syd10181-SYD
last-modified: Wed, 28 Aug 2024 08:29:04 GMT
server: AmazonS3
x-timer: S1725406327.089685,VS0,VE0
etag: "750ae2ea48cf9c84d5a96a38677fc690"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 2

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B4A5DF82EACC4780A0E5646F8564DABF&RedC=c.clarity.ms&MXFR=10699AA6EEE36B1F17A58E49EAE365E3
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B4A5DF82EACC4780A0E5646F8564DABF&MUID=2629B44F348C6B8322AFA0A0351C6A9C

42 B
443 B

205ms
204ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B4A5DF82EACC4780A0E5646F8564DABF&MUID=2629B44F348C6B8322AFA0A0351C6A9C
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2024 23:32:07 GMT
last-modified: Tue, 13 Aug 2024 21:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3bd2d078c5edda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 03 Sep 2024 23:32:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0AB3CBF26DC94E7FA27866FBC4A90EE7 Ref B: SYD03EDGE0813 Ref C: 2024-09-03T23:32:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B4A5DF82EACC4780A0E5646F8564DABF&MUID=2629B44F348C6B8322AFA0A0351C6A9C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK visitor Show response
snrtp1.marketo.com/gw1/rtp/api/v1_1/ 287 B
1 KB 329ms
74ms XHR
application/json 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=tsbco-1725406325928-468d0270&aid=tsbco&1725406327060

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

982d4ceabf036a79bf17e2afe81995e9e5ea5d93793807fe55ce0191320be630

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: No-cache
Date: Tue, 03 Sep 2024 23:32:07 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Tue Sep 03 18:32:07 CDT 2024
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tsb.co.nz
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
snrtp1.marketo.com/gw1/ga/ 48 B
532 B 361ms
104ms XHR
text/json 103.237.104.73
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://snrtp1.marketo.com/gw1/ga/sgm?sid=tsbco-1725406325928-468d0270&1725406327061

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.237.104.73 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 23:32:07 GMT
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

GET
H3 200 favicon.ico
www.tsb.co.nz/themes/TSB/ 15 KB
15 KB 121ms
120ms Other
image/vnd.microsoft.icon 203.134.79.57
VOCUS-RETAIL-AU V...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tsb.co.nz/themes/TSB/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),

Reverse DNS

57.79.134.203.core.vocus.network

Software

Resource Hash

c29898818975d404bc311ef4043893f26e1ad7b6c8760fe1984b3aba82444365

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRab2hSbEI2UU1iOXpHbFcya2s2QUFBQUFJ'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRab2hSbEI2UU1iOXpHbFcya2s2QUFBQUFJ'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRab2hSbEI2UU1iOXpHbFcya2s2QUFBQUFJ'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version: 0x00000001
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' 'nonce-WnRab2hSbEI2UU1iOXpHbFcya2s2QUFBQUFJ'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRab2hSbEI2UU1iOXpHbFcya2s2QUFBQUFJ'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRab2hSbEI2UU1iOXpHbFcya2s2QUFBQUFJ'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
x-content-type-options: nosniff
date: Tue, 03 Sep 2024 23:32:07 GMT
x-amz-cf-pop: SYD62-P3
alt-svc: h3=":443"; ma=93600
content-length: 15406
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Aug 2024 10:31:17 GMT
etag: "3c2e-620bbdbb1ab88"
x-frame-options: SAMEORIGIN
vary: Cookie
content-type: image/vnd.microsoft.icon
cache-control: max-age=31457178
accept-ranges: bytes
x-amz-cf-id: RGkZ2SxmTJsL3BHXMC0aZiTUN5BEqCH0lLsrAapwoQGn4VgEVY_hHw==
expires: Wed, 03 Sep 2025 01:38:25 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 412ms
263ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI4LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiVGhlIHBlcmZlY3QgYW1vdW50IG9mIGJhbmsgfCBUU0IiLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy50c2IuY28ubnovIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MjU0MDYzMjcyMjIiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxMiwidXNlcl9pZCI6ICIxOTFiYTNiMzFhZmUwNy0wYjMyZGYyNjdhNjA0NS0xZjQ2MmM2Zi0xZDRjMDAtMTkxYmEzYjMxYjAxOWVmIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXN5ZDEiLCJhY2NvdW50SWQiOiAyMTA5NzIsInVybCI6ICJodHRwczovL3d3dy50c2IuY28ubnovIiwid2Vic2l0ZUlkIjogMjEwOTczLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI4NDI1LTE0YjgtNDBhNS01YmYyLTk1MjctMjg0NC0xZWRmLTllMjEiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcyNTQwNjMyNzIyMCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA2MjUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjU2LjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjU2LjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MjU0MDYzMjcyMjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tsb.co.nz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-mqhl
date: Tue, 03 Sep 2024 23:32:07 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F?

Domain: p.clarity.ms
URL: https://p.clarity.ms/collect

Domain: p.clarity.ms
URL: https://p.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tsb.co.nz/	1970-01-21 01:26:22	Name: _gcl_au Value: 1.1.576915555.1725406325
.tsb.co.nz/	1970-01-21 08:52:46	Name: _mkto_trk Value: id:454-IZE-737&token:_mch-tsb.co.nz-1725406325218-59851
.tsb.co.nz/	1970-01-21 01:26:22	Name: _fbp Value: fb.2.1725406325507.591965760737389193
www.clarity.ms/	1970-01-21 08:02:22	Name: CLID Value: 68046c12716f4a9fa428ca9866f63dbf.20240903.20250903
.tsb.co.nz/	1970-01-21 08:02:22	Name: _clck Value: k0yqhk%7C2%7Cfov%7C0%7C1707
.tsb.co.nz/	1970-01-21 08:52:46	Name: _ga_VRLX9EH3CJ Value: GS1.1.1725406325.1.0.1725406325.60.0.0
.tsb.co.nz/	1970-01-21 08:52:46	Name: _ga Value: GA1.1.1854330343.1725406326
.tsb.co.nz/	1970-01-21 08:52:46	Name: trwv.uid Value: tsbco-1725406325927-c0685bd1%3A1
.tsb.co.nz/	1970-01-20 23:16:48	Name: trwsa.sid Value: tsbco-1725406325928-468d0270%3A2
.doubleclick.net/	1970-01-20 23:16:47	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 03:35:58	Name: receive-cookie-deprecation Value: 1
www.tsb.co.nz/	1970-01-21 08:02:22	Name: mdLogger Value: false
www.tsb.co.nz/	1970-01-21 08:02:22	Name: kampyle_userid Value: 8425-14b8-40a5-5bf2-9527-2844-1edf-9e21
www.tsb.co.nz/	1970-01-21 08:02:22	Name: kampyleUserSession Value: 1725406327220
www.tsb.co.nz/	1970-01-21 08:02:22	Name: kampyleUserSessionsCount Value: 1
www.tsb.co.nz/	1970-01-21 08:02:22	Name: kampyleSessionPageCounter Value: 1
.bing.com/	1970-01-21 08:38:22	Name: MUID Value: 2629B44F348C6B8322AFA0A0351C6A9C
.c.bing.com/	1970-01-20 23:26:51	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:38:22	Name: SRM_B Value: 2629B44F348C6B8322AFA0A0351C6A9C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:38:22	Name: MUID Value: 2629B44F348C6B8322AFA0A0351C6A9C
.c.clarity.ms/	1970-01-20 23:26:51	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 23:16:46	Name: ANONCHK Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8RN5F7(Line 785) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'". Either the 'unsafe-inline' keyword, a hash ('sha256-vhd9OW9a3YnW0EMRks+cb33a+aRt/MsLGAMA/N8hqWo='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com".
security	error	URL: https://www.tsb.co.nz/ Message: Refused to load the image 'https://ad.doubleclick.net/activity;register_conversion=1;src=4214544;type=Remar0;cat=tsbba0;ord=5635838136407;npa=0;auiddc=576915555.1725406325;u1=%2F;ps=1;pcor=1660190384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9190070958z89111675971za201zb9111675971;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.tsb.co.nz%2F?' because it violates the following Content Security Policy directive: "img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com".
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com".
security	error	URL: https://www.clarity.ms/s/0.7.45/clarity.js(Line 1) Message: Refused to connect to 'https://p.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com".
security	error	URL: https://www.clarity.ms/s/0.7.45/clarity.js(Line 1) Message: Refused to connect to 'https://p.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com".
security	error	URL: https://www.clarity.ms/s/0.7.45/clarity.js(Line 1) Message: Refused to connect to 'https://p.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com".
security	error	URL: https://www.clarity.ms/s/0.7.45/clarity.js(Line 1) Message: Refused to connect to 'https://p.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; script-src 'self' staticcdn.co.nz snrtp-cdn.marketo.com connect.facebook.net jquery.validate.min.js polyfill.io munchkin.marketo.net rtp-static.marketo.com snrtp1.marketo.com cdn.jsdelivr.net www.googletagmanager.com www.google.co.nz www.googleoptimize.com googleoptimize.com script.hotjar.com maps.googleapis.com unpkg.com www.google.com www.gstatic.com www.clarity.ms md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; font-src 'self' fonts.gstatic.com fonts.googleapis.com nebula-cdn.kampyle.com; img-src 'self' data: shielded.co.nz www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com www.google.co.nz www.facebook.com maps.googleapis.com maps.gstatic.com c.clarity.ms c.bing.com md-scp.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com; style-src 'self' fonts.googleapis.com md-scp.kampyle.com nebula-cdn.kampyle.com 'nonce-WnRlY2M4b0FVeW9pNzV0Y1hxaFNBd0FBQUFF'; frame-src 'self' 4214544.fls.doubleclick.net www.youtube.com youtu.be youtube.com www.google.com staticcdn.co.nz nebula-cdn.kampyle.com; connect-src 'self' tsb-prod-apim.azure-api.net tsb-nonprod-apim.azure-api.net *.mktoresp.com stats.g.doubleclick.net s.clarity.ms www.google-analytics.com analytics.google.com v.clarity.ms snrtp1.marketo.com www.googleoptimize.com googleoptimize.com maps.googleapis.com md-scp.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com; base-uri 'self' md-scp.kampyle.com; object-src 'none'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' fonts.googleapis.com www.facebook.com rtp-static.marketo.com 'unsafe-inline'; frame-ancestors 'self'; form-action 'self' online.tsb.co.nz; report-uri /csp-report;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4214544.fls.doubleclick.net
454-ize-737.mktoresp.com
ad.doubleclick.net
analytics.google.com
c.bing.com
c.clarity.ms
connect.facebook.net
munchkin.marketo.net
nebula-cdn.kampyle.com
p.clarity.ms
rtp-static.marketo.com
shielded.co.nz
snrtp-cdn.marketo.com
snrtp1.marketo.com
staticcdn.co.nz
stats.g.doubleclick.net
udc-neb.kampyle.com
unpkg.com
www.clarity.ms
www.facebook.com
www.google.co.nz
www.googletagmanager.com
www.tsb.co.nz
ad.doubleclick.net
p.clarity.ms
103.237.104.73
103.237.104.82
142.250.76.102
151.101.1.175
157.240.8.23
172.217.24.35
18.67.110.105
18.67.110.51
203.134.79.57
23.77.150.189
23.77.150.29
2403:4800:2003:4::cb86:559a
2404:6800:4003:c05::9a
2404:6800:4006:804::200e
2404:6800:4006:80f::2008
2606:4700::6811:f5cb
2620:1ec:bdf::31
2620:1ec:c11::237
2a03:2880:f119:8083:face:b00c:0:25de
35.241.45.82
52.231.230.148
00e23df10377c1a86b7e881fd0e8e209b08c89a0fd3a9437d3e56d6087398f60
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
09d3c01af7d1b64385f5aea38b33807177f382f8dc3ce411548e1beb6523263e
0c82a95daa5ef40bf810ade32aad3a375ed14df6966ea1bd65520d6a85029975
0c91d9180a4fbd8d7a81f954632dfcc5570720d01ff2be2f3cd3f899e1d65677
143a1ee63c9fe87791cde6209d3716bf432ede02fc23ecbd064edfe1cc02bca9
1af1da6717bf645b3f5b8af41f16f7a149f0bf11e817492a2b3f711f50a6bef7
229153c7c6646487031d2e5f8be0ec43a58bb341dcb5417fb0ae480efd4ac162
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
32bfeaf402f2f470f6aa3eb5397418b0a29f3ff51d10c8303933f3c516c5b1e1
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
414277d359e2c453607104f2495ac2af09fa15c2ccaf2e485d3933e5727f348d
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4589441ac97df1033c946f3403b0199cfb05e8ba3e406e21013d1af6965dd06a
4b466aab4e8e67fc4a456707ba55c18938b6667be439c828c428d7070e603f76
4c0e86b58a95d6cc42324dc9f51d082538b49b3762b4b210accb9b190a58443b
510ecafeb02c61c2879abef47858100e36fef86b0c1962dbb7b9337cfd95ea30
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
54c3efbdfca5f0a68b2fe25942ec652c41ae5ce6e07baca2b9f1a895409adfbe
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a33562cad9eb06c691cb48e26df44406a7eab40b986d508d0927d70d77dd0d2
5b38685c3ce8b9d7e1bdf8779cd7ac5983028f904dfeccdd350d83c416ba1c3d
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6a8996a4866b94877454218ae2202c8d1ac982a1a7d4870b07820d1b88fd576a
6acd54f2994ad7633ebed65bf2bf2349922118b715731763482a6cb2f802bf18
6d85c6b6712f50bf6b61aeb1d96103d99903abb4d3fdba53ccf96552d9f86fcf
6ec4b6051cb614a8091bd9f5d116d2e8b741159dbfe569e06eba730a3fae7e1d
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
79caa592cde5bfd0a417bf66926410d967a5334c9f0d1990671456e5bd4f5ce8
86e6459d734e4861ef736467ab64fc8b433923d940fd39271fd923ae2c34f9b0
884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55
982d4ceabf036a79bf17e2afe81995e9e5ea5d93793807fe55ce0191320be630
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d1d52b444c1502f4c23e43b6747412c054ca65157dfe908d599dedff425d626
9e056e574bfbca2ce3ec6cb73b68750db9bd29d91c3471add8b8db217f78a275
a2df8a1ea57ff1a48259665a5aae51c21df18d91406f0a3e3623afb26c60c31d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad712e613b52d57d048c978707e614d7ca0349736be941733aafab4770a9afa5
af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877
b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129
b8666c40390e333bbbef6b67ce910ed6fc73c7b7c4476f48b3be06fbe2198a2d
b8710e59c134288dfa22585733639c1e70b133850bf414ee097f9e73eb4d8eee
ba2e65e6de11b597587bdb304a49174e41a23ccd9bf20e7dec7fca7d07ffb439
bedfc97fc67ea23fe97336f8c0032203f1b08f889e0ee6bb3d8a2ff3da4f8baa
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
c29898818975d404bc311ef4043893f26e1ad7b6c8760fe1984b3aba82444365
cf9cbd57e982cfb1f39e141c1e3caab91e22c38a398bfccc51ea1aacdc15f791
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e2fed2719e47f4428f31b5f6d8584ed8b6848f9b3586644e070749341806344e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e3dee05a65cbc73efd4dde6ab68ddfcf623cef6d983adadfbab83ef86a571a
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e5c2dd00df7892f31ac96aa60a9b2b2b28f90400fb38ffea648f1c9ba73769bc
e79b999464b8a504fef7e85f011be9ccdbd7442d324d6d6af8dbba5bb590a0c6
e9b29db4f9339b5c9320c9dc1a64c95d0b099c3529514803addc148ec8774b2c
eed2a93625f65152807f2de063360761b5c07c7792c13071a62ff84c8df726a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27e41b578d9b114aaef1174c8291fc2f487adc5c977b4bf59f463f5c76d331c

www.tsb.co.nz Open in urlscan Pro 2403:4800:2003:4::cb86:559a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

95 %HTTPS

38 %IPv6

16 Domains

23 Subdomains

21 IPs

4 Countries

1070 kBTransfer

3358 kBSize

23 Cookies

6 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tsb.co.nz Open in urlscan Pro
2403:4800:2003:4::cb86:559a Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

95 %
HTTPS

38 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

1070 kB
Transfer

3358 kB
Size

23
Cookies

78 HTTP transactions
5 data transactions