urlscan.io logo urlscan.io
SecurityTrails logo

secure.state.co.nz Open in urlscan Pro
202.50.1.200  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.state.co.nz/payment
Submission: On April 07 via manual from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 15 domains to perform 43 HTTP transactions. The main IP is 202.50.1.200, located in Auckland, New Zealand and belongs to IAG-NZ-AS IAG New Zealand, NZ. The main domain is secure.state.co.nz.
TLS certificate: Issued by Thawte RSA CA 2018 on February 16th 2020. Valid for: 2 years.
This is the only time secure.state.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    202.50.1.200 (Auckland, New Zealand)

ASN134692 (IAG-NZ-AS IAG New Zealand, NZ)
secure.state.co.nz
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com
3    172.217.22.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net
8062289.fls.doubleclick.net
ad.doubleclick.net
1    91.228.74.208 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
2    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
googleads4.g.doubleclick.net
1    2600:9000:20eb:800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    91.228.74.203 (United Kingdom)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2600:9000:2156:a600:3:4b74:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.monsido.com
1    2600:1901:0:891c:: (United States)

ASN15169 (GOOGLE, US)
tracking.monsido.com
Domain Requested by
14 secure.state.co.nz secure.state.co.nz
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secure.state.co.nz
2 bat.bing.com www.googletagmanager.com
2 www.google.de secure.state.co.nz
2 www.google.com 1 redirects secure.state.co.nz
2 s.yimg.com secure.state.co.nz
s.yimg.com
2 8062289.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net secure.state.co.nz
connect.facebook.net
2 www.googletagmanager.com secure.state.co.nz
www.googletagmanager.com
1 tracking.monsido.com
1 cdn.monsido.com www.googletagmanager.com
1 pixel.quantserve.com secure.state.co.nz
1 rules.quantcount.com secure.quantserve.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 www.googletagservices.com ad.doubleclick.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 www.facebook.com secure.state.co.nz
1 ad.doubleclick.net secure.state.co.nz
1 secure.quantserve.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
43 21

This site contains links to these domains. Also see Links.

Domain
www.state.co.nz
Subject Issuer Validity Valid
secure.state.co.nz
Thawte RSA CA 2018		 2020-02-16 -
2022-02-15		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-03-13 -
2020-04-27		 a month crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
cdn.monsido.com
Amazon		 2019-12-20 -
2021-01-20		 a year crt.sh
www.tracking.monsido.com
Starfield Secure Certificate Authority - G2		 2017-08-06 -
2020-08-06		 3 years crt.sh

This page contains 2 frames:

Primary Page: https://secure.state.co.nz/payment
Frame ID: DD811E0A65C954377A7B617E72546EF2
Requests: 45 HTTP requests in this frame

Frame: https://8062289.fls.doubleclick.net/activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state.co.nz%2Fpayment
Frame ID: AB83C1DE72D12F5682BF0D0ABFE10A89
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

43
Requests

100 %
HTTPS

68 %
IPv6

15
Domains

21
Subdomains

19
IPs

6
Countries

693 kB
Transfer

1597 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://8062289.fls.doubleclick.net/activityi;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state.co.nz%2Fpayment HTTP 302
  • https://8062289.fls.doubleclick.net/activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state.co.nz%2Fpayment
Request Chain 30
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&gjid=1111707603&_gid=1412444381.1586220704&_u=aGDAgEAjQ~&z=857946380 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&_v=j81&z=857946380 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&_v=j81&z=857946380&slf_rd=1&random=65619094

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request payment
secure.state.co.nz/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cda5ab1536a276dc29494a38edb57e15351c55d8cfc38665cd2bb718cf2ec657

Request headers

Host
secure.state.co.nz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Length
2389
Site-css
secure.state.co.nz/payment/Content/Css/ 		229 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/Content/Css/Site-css?v=TfozFv79_gbwAYgmPYoz0nXgm3K5lCCHUM1CSfGhsvQ1?v=1.0.7215.23385
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
5d8bc838393262ade17656b1ac75cdaa7ea8e38fd75e05a20ce18a3bf3b1ec99

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 00:51:41 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Wed, 07 Apr 2021 00:51:41 GMT
modernizr
secure.state.co.nz/payment/bundles/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/bundles/modernizr?v=qVODBytEBVVePTNtSFXgRX0NCEjh9U_Oj8ePaSiRcGg1
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e5c283757f4c989d17cc064ae4a058b466a4b912356adaab87f06da80b7da39f

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 00:51:42 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
5233
Expires
Wed, 07 Apr 2021 00:51:42 GMT
jquery
secure.state.co.nz/payment/bundles/ 		222 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/bundles/jquery?v=B5P_cOUpN2dCFLPRCXPN6-o_kuqc-1DIVvnc31hZayc1
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c037ce928484501a06594d3a23a2fceb9da4bdff02165ee3fd3d92e55cafe51e

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 00:51:42 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Wed, 07 Apr 2021 00:51:42 GMT
site-js
secure.state.co.nz/payment/bundles/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/bundles/site-js?v=TJIXrm3KxuaY1gY0PreCsQM6wE6ONYE0NZ23RW27nsU1?v=1.0.7215.23385
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f3857470caccc86cd7e0e57258c07d7184f8767889a288a606e180dc4d343063

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 00:51:42 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
2294
Expires
Wed, 07 Apr 2021 00:51:42 GMT
application
secure.state.co.nz/payment/bundles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/bundles/application?v=67hXMZ-4khMXyAUkhJtpGbE-hjgc1jFgBiiQk6mX_C41?v=1.0.7215.23385
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c23b28ae2f26e77efb892e785d5bb4f04fc17e505478845b65b772a7e817e52c

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 00:51:42 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
1932
Expires
Wed, 07 Apr 2021 00:51:42 GMT
application-desktop
secure.state.co.nz/payment/bundles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/bundles/application-desktop?v=UsC8-itacCapQewA5cDvEaYQ58iBrn2U-jioEC2iqIg1?v=1.0.7215.23385
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ccb5e77f8a30438dd3881f037eafe758583b222d7e190706040e38737dfd3d72

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 00:51:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 00:51:42 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
1931
Expires
Wed, 07 Apr 2021 00:51:42 GMT
2DF801_3_0.woff2
secure.state.co.nz/payment/Content/fonts/state/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/Content/fonts/state/2DF801_3_0.woff2
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment/bundles/modernizr?v=qVODBytEBVVePTNtSFXgRX0NCEjh9U_Oj8ePaSiRcGg1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
730a0aa33d555b9facb3840c9ec4f079c22091d7b0811e98f2eda448898eecbe

Request headers

Referer
https://secure.state.co.nz/payment/Content/Css/Site-css?v=TfozFv79_gbwAYgmPYoz0nXgm3K5lCCHUM1CSfGhsvQ1?v=1.0.7215.23385
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 00:51:42 GMT
Last-Modified
Wed, 02 Oct 2019 23:59:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"094765e7d79d51:0"
Content-Type
font/ttf
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
61337
gtm.js
www.googletagmanager.com/ 		234 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f4fa5819f63d90de83f5d2fb30f9ecfc2db0cd580f039fffb28da242ba15f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:43 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55109
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Apr 2020 00:51:43 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbb41ecc6d2acd0eece21878c316fa485339bddb9917cb9ac45c13594cf7c705

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
2DF801_1_0.woff2
secure.state.co.nz/payment/Content/fonts/state/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/Content/fonts/state/2DF801_1_0.woff2
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0eaee055c5b2d37542f0b6dfd7d04dd71a41fec2cf20c08b99eee09766ed808b

Request headers

Referer
https://secure.state.co.nz/payment/Content/Css/Site-css?v=TfozFv79_gbwAYgmPYoz0nXgm3K5lCCHUM1CSfGhsvQ1?v=1.0.7215.23385
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 00:51:42 GMT
Last-Modified
Wed, 02 Oct 2019 23:59:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"094765e7d79d51:0"
Content-Type
font/ttf
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
58030
2DF801_0_0.woff2
secure.state.co.nz/payment/Content/fonts/state/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/Content/fonts/state/2DF801_0_0.woff2
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
20bd3b5c3c88e70ffeddce481fc1d7d1a6dffcd58260f7daf811533a3c17878e

Request headers

Referer
https://secure.state.co.nz/payment/Content/Css/Site-css?v=TfozFv79_gbwAYgmPYoz0nXgm3K5lCCHUM1CSfGhsvQ1?v=1.0.7215.23385
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 00:51:43 GMT
Last-Modified
Wed, 02 Oct 2019 23:59:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"094765e7d79d51:0"
Content-Type
font/ttf
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
60559
errormessages
secure.state.co.nz/payment/api/contents/ 		556 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/api/contents/errormessages?_=1586220703908
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment/bundles/jquery?v=B5P_cOUpN2dCFLPRCXPN6-o_kuqc-1DIVvnc31hZayc1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7c92321037b05ba8e7e23afbd1325b74cf48b19e76e44d3ff1ad4e684583590d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.state.co.nz/payment
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 00:51:43 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Content-Length
556
Expires
-1
managedcontent
secure.state.co.nz/payment/api/contents/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/api/contents/managedcontent?_=1586220703909
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment/bundles/jquery?v=B5P_cOUpN2dCFLPRCXPN6-o_kuqc-1DIVvnc31hZayc1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0a51b89580da16cd4b2b51d9a16fa1ef325e2210931d43d95fe0d9bc9f67b487

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.state.co.nz/payment
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 00:51:43 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Content-Length
2964
Expires
-1
step1
secure.state.co.nz/payment/template/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/template/step1
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment/bundles/jquery?v=B5P_cOUpN2dCFLPRCXPN6-o_kuqc-1DIVvnc31hZayc1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a5449a95a2f7b2bf0df366c76f7a2b89407640432fa50f7918297b2009658175

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://secure.state.co.nz/payment
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 00:51:43 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
785
js
www.googletagmanager.com/gtag/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VK6RXXQ2F8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
716b2c19a35718f38edb10d2b08ca2b6d146cbbee7026b9113071cbe5e1275a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
40229
x-xss-protection
0
expires
Tue, 07 Apr 2020 00:51:44 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
cVzU179ch/mJFZgk6ztx0WBe9Aust8CasPFL91HaBpxnrfexQ7LaGa+u4txImLgR2zBI5UISI1n67yzi83oNUA==
x-fb-trip-id
1850256238
date
Tue, 07 Apr 2020 00:51:44 GMT, Tue, 07 Apr 2020 00:51:44 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
789
date
Tue, 07 Apr 2020 00:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 07 Apr 2020 02:38:35 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
1cc657c390692096c0fd899fb5ddeb76eb79981db1154ab3decc1e81414516dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10566
x-xss-protection
0
server
cafe
etag
4103526559094646519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Apr 2020 00:51:44 GMT
activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state....
8062289.fls.doubleclick.net/ Frame AB83
Redirect Chain
  • https://8062289.fls.doubleclick.net/activityi;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.stat...
  • https://8062289.fls.doubleclick.net/activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefin...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8062289.fls.doubleclick.net/activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state.co.nz%2Fpayment?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8062289.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state.co.nz%2Fpayment?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.state.co.nz/payment
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 07 Apr 2020 00:51:44 GMT
expires
Tue, 07 Apr 2020 00:51:44 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
347
x-xss-protection
0
set-cookie
IDE=AHWqTUlz-kMtPoN3rLg4FHcy7Jy3R0kz_M_IU6AbfCgw6AD5O9IZM_2kjqHYQxCs; expires=Sun, 02-May-2021 00:51:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 07 Apr 2020 00:51:44 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8062289.fls.doubleclick.net/activityi;dc_pre=COOK7MyM1egCFUaZdwodlvkK3A;src=8062289;type=10sta0;cat=10sta0;ord=4297766269918;gtm=2wg3p1;auiddc=1668669891.1586220704;u1=%2Fpayment;u8=undefined;~oref=https%3A%2F%2Fsecure.state.co.nz%2Fpayment?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
quant.js
secure.quantserve.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 00:51:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07-Apr-2020 00:51:44 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Tue, 14 Apr 2020 00:51:44 GMT
B20205933.203163647;sz=1x2;ord=157010361513
ad.doubleclick.net/ddm/adj/N700609.197812NSO.CODESRV/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N700609.197812NSO.CODESRV/B20205933.203163647;sz=1x2;ord=157010361513?
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
348abdd0488e0981802b0e68a68f731fa1b0d6022c9ac10d05740cd19e19c3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7888
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
d9ba2fe346685d07142d6c944b479f618a6f3b0a9b058c79433c07f009e9792e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
x-amz-server-side-encryption
AES256
status
200
content-length
5098
strict-transport-security
max-age=15552000
x-amz-request-id
6A0B6FB1DE726708
x-amz-id-2
HzTuH7gQHGpNxqluXDnBjNHTQ7zWj/qlgNtEVirU7w19204zVQTQIJAQNoWGhUygZKTwhXpFUkE=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 28 Apr 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 23 Mar 2020 15:28:53 GMT
server
ATS
etag
"a6ebaab89ee43301f694e6d7f8f870f4-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-version-id
Qwk4VegQEmlh_t7._3sT_AkCjovV3nZb
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
js
www.google-analytics.com/gtm/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T2XNCTQ&t=gtm3&cid=1274211924.1586220704
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d81a6b96416c0fc534fe4adc58863c0780696aac4dbfedfce12056250d5cc769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24659
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Apr 2020 00:51:44 GMT
1702415749972790
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1702415749972790?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3fbd959739c9b33fcd02bd735c636da9a2ae9e009c50d1fcf29734419f410f30
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
QDKzWkqBVuGRuK1l/avkpZpxm4+nylHtGlKMAH/p08NiX5BsN3UKWdu9ZCiBHkiEpAtuzhKOuoTOm2nezCaiEA==
x-fb-trip-id
1850256238
date
Tue, 07 Apr 2020 00:51:44 GMT, Tue, 07 Apr 2020 00:51:44 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
10096907.json
s.yimg.com/wi/config/ 		2 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10096907.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.state.co.nz/payment
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
EE72036F0C56AC5F
x-amz-id-2
ajP3U0GpnlxpP0wzDiFMFx3OYZYo+5yyAb+wj9c7IDcoRM+i8xP1KeyeC6mG4Nv0+Fi18b0nuh8=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 23:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3414
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 07 Apr 2020 00:54:50 GMT
collect
www.google-analytics.com/g/ 		35 B
130 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VK6RXXQ2F8&gtm=2oe3p1&_p=12346175&sr=1600x1200&ul=en-us&cid=1274211924.1586220704&_s=1&dl=https%3A%2F%2Fsecure.state.co.nz%2Fpayment&dr=&dt=State%20Insurance%20-%20Online%20Renewal%20Payment&sid=1586220704&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true&ep.title=State%20Insurance%20-%20Online%20Renewal%20Payment&ep.hitCallback=function()%7Btry%7Bvar%20a%3Dwindow%5Bwindow.GoogleAnalyticsObject%5D%2Cb%3Ddocument.querySelector(%22%23widget%20%5Cx3e%20div%20%5Cx3e%20div%20%5Cx3e%20iframe%22)%3Bif(a)%7Bvar%20c%3Da.getAll()%5B0%5D%3Bvar%20d%3Dnew%20window.gaplugins.Linker(c)%3Bb.src%3Dd.decorate(b.src)%7D%7Dcatch(e)%7B%7D%7D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VK6RXXQ2F8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.state.co.nz/payment
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://secure.state.co.nz
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16ca3c71f7f41ecd096ecf140001975efde3f5dc48598ca3f490dd769b3f6b98

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		44 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1702415749972790&ev=PageView&dl=https%3A%2F%2Fsecure.state.co.nz%2Fpayment%23%2F&rl=&if=false&ts=1586220704122&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.2.1586220704122.1490233059&it=1586220704040&coo=false&rqm=GET
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT, Tue, 07 Apr 2020 00:51:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 07 Apr 2020 00:51:44 GMT
collect
www.google-analytics.com/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=12346175&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.state.co.nz%2Fpayment&ul=en-us&de=UTF-8&dt=State%20Insurance%20-%20Online%20Renewal%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjQ~&jid=1998929638&gjid=1111707603&cid=1274211924.1586220704&tid=UA-1423233-1&_gid=1412444381.1586220704&gtm=2wg3p134G2&cd13=2020-04-07T02%3A51%3A44.81%2B02%3A00&cd15=1586220704081.d1ncaqoh&cd20=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&z=802581799
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 06:21:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
844186
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&gjid=1111707603&_gid=1412444381.1586220704&_u=aGDAgEAjQ~&z=857946380
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&_v=j81&z=857946380
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&_v=j81&z=857946380&slf_rd=1&random=65619094
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&_v=j81&z=857946380&slf_rd=1&random=65619094
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1423233-1&cid=1274211924.1586220704&jid=1998929638&_v=j81&z=857946380&slf_rd=1&random=65619094
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1054368105/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054368105/?random=1586220704140&cv=9&fst=1586220704140&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.state.co.nz%2Fpayment&tiba=State%20Insurance%20-%20Online%20Renewal%20Payment&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20cb7de4b8acff93c55829468208abfaa679b56b837751867ddeb457d9ed234c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1014
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lidar.js
www.googletagservices.com/activeview/js/current/ 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N700609.197812NSO.CODESRV/B20205933.203163647;sz=1x2;ord=157010361513?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5cbf7fa728265f1f58c49f38f029d3ed0cf5040363bc3c11259dd21c346efae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27858
x-xss-protection
0
expires
Tue, 07 Apr 2020 00:51:44 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
719 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvowPrWteYo_YNqfYCR0VjFBW36RK7rKfq1R6vqjWmuMLey5ZrN-AvzPguuHkVHtthGdZ8OnJwzNpFUE8Ol2B0oJkvt5lYbQwZ3-z-lo6lFRJgf4pTIXOSjcUPhyljPxA&sig=Cg0ArKJSzM-R4MHanOQqEAE&urlfix=1&omid=0&rm=1&ctpt=0&cisv=r20200402.81366&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N700609.197812NSO.CODESRV/B20205933.203163647;sz=1x2;ord=157010361513?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/1054368105/ 		42 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1054368105/?random=1586220704140&cv=9&fst=1586217600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3p1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.state.co.nz%2Fpayment&tiba=State%20Insurance%20-%20Online%20Renewal%20Payment&async=1&fmt=3&is_vtc=1&random=3317802493&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1054368105/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1054368105/?random=1586220704140&cv=9&fst=1586217600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3p1&sendb=1&frm=0&url=https%3A%2F%2Fsecure.state.co.nz%2Fpayment&tiba=State%20Insurance%20-%20Online%20Renewal%20Payment&async=1&fmt=3&is_vtc=1&random=3317802493&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-6cVfTEbFEXTxz.js
rules.quantcount.com/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6cVfTEbFEXTxz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e04bcd07e92466c3dfc390d2bb2514fd7c60e2cd7f9ecca73a077a1a86555bd

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:45 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 22:59:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
9MdCGB_ASlVqKHnEB3-qazd3LUxYR8-IK-gO6fx3Ksy3nwc55Ky3hg==
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
truncated
/ 		452 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d47bb101a990bf0469408e2b68008c1e8f0646c2192e8da76caba11edfc252a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
2DF801_2_0.woff2
secure.state.co.nz/payment/Content/fonts/state/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.state.co.nz/payment/Content/fonts/state/2DF801_2_0.woff2
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
202.50.1.200 Auckland, New Zealand, ASN134692 (IAG-NZ-AS IAG New Zealand, NZ),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cd4a569a91fd47eaff8d02a71c4cc863702fd73322c9d70be888bc80e334bdb8

Request headers

Referer
https://secure.state.co.nz/payment/Content/Css/Site-css?v=TfozFv79_gbwAYgmPYoz0nXgm3K5lCCHUM1CSfGhsvQ1?v=1.0.7215.23385
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 00:51:43 GMT
Last-Modified
Wed, 02 Oct 2019 23:59:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"094765e7d79d51:0"
Content-Type
font/ttf
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
60454
pixel;r=1375548519;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-6cVfTEbFEXTxz;url=https%3A%2F%2Fsecure.state.co.nz%2Fpayment%23%2F;fpan=1;fpa=P0-119349092-1586220704301;ns=0;ce=1;qjs=...
pixel.quantserve.com/ 		35 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1375548519;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-6cVfTEbFEXTxz;url=https%3A%2F%2Fsecure.state.co.nz%2Fpayment%23%2F;fpan=1;fpa=P0-119349092-1586220704301;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1586220704301;tzo=-120;ogl=
Requested by
Host: secure.state.co.nz
URL: https://secure.state.co.nz/payment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.203 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 00:51:44 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bat.js
bat.bing.com/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 00:51:44 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 02:21:04 GMT
x-msedge-ref
Ref A: A59722EE9C124D41A2AAB592A1B3B562 Ref B: FRAEDGE0320 Ref C: 2020-04-07T00:51:44Z
access-control-allow-origin
*
etag
"0682da95fdd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7461
monsido.js
cdn.monsido.com/tool/javascripts/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.monsido.com/tool/javascripts/monsido.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-34G2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:a600:3:4b74:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
17dd560fed5a0713a3f47f70269fe1d3f9e1cdc3bc47fbcd114c6ebcb56d295f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-rack-cors
miss; no-origin
x-runtime
0.092352
date
Mon, 06 Apr 2020 12:28:49 GMT
via
1.1 google, 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
76290
etag
W/"95aa7108c2cdd34eea557363b38dee0f"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=86400, public
x-amz-cf-pop
FRA50-C1
content-length
2352
x-amz-cf-id
TSQ0r-lC_g5-3c90GKb5XXGuyLt8a8yC7gcztaW7ny1Kek-Wp8c9HA==
x-request-id
692e195d-4aa2-444a-839b-79edacb29f9c
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5320573&Ver=2&mid=eec59ca1-f703-a9c3-de0d-58a3a2ac7828&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=State%20Insurance%20-%20Online%20Renewal%20Payment&p=https%3A%2F%2Fsecure.state.co.nz%2Fpayment%23%2F&r=&lt=4611&evt=pageLoad&msclkid=N&rn=168150
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
pragma
no-cache
date
Tue, 07 Apr 2020 00:51:44 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 71A8ECF2B6AF48D0925F2095A888449D Ref B: FRAEDGE0320 Ref C: 2020-04-07T00:51:44Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tracking.monsido.com/ 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.monsido.com/?a=uGvRSyhqMlphK4G63z-KUw&b=https%3A%2F%2Fsecure.state.co.nz%2Fpayment%23%2F&c=1A81586220705001&d=1600x1200&e=&f=6611586220705001&g=3610&h=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:891c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://secure.state.co.nz/payment
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 00:51:45 GMT
via
1.1 google
content-type
image/gif
status
200
cache-control
private, no-store, max-age=0
alt-svc
clear
content-length
43
expires
2020-04-07T00:51:45Z
collect
www.google-analytics.com/g/ 		35 B
111 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VK6RXXQ2F8&gtm=2oe3p1&_p=12346175&sr=1600x1200&ul=en-us&cid=1274211924.1586220704&_s=2&dl=https%3A%2F%2Fsecure.state.co.nz%2Fpayment&dr=&dt=State%20Insurance%20-%20Online%20Renewal%20Payment&sid=1586220704&sct=1&seg=0&en=scroll&_et=869&ep.cookieDomain=auto&ep.allowLinker=true&ep.title=State%20Insurance%20-%20Online%20Renewal%20Payment&ep.hitCallback=function()%7Btry%7Bvar%20a%3Dwindow%5Bwindow.GoogleAnalyticsObject%5D%2Cb%3Ddocument.querySelector(%22%23widget%20%5Cx3e%20div%20%5Cx3e%20div%20%5Cx3e%20iframe%22)%3Bif(a)%7Bvar%20c%3Da.getAll()%5B0%5D%3Bvar%20d%3Dnew%20window.gaplugins.Linker(c)%3Bb.src%3Dd.decorate(b.src)%7D%7Dcatch(e)%7B%7D%7D&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VK6RXXQ2F8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.state.co.nz/payment
Origin
https://secure.state.co.nz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 00:51:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://secure.state.co.nz
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| html5 object| Modernizr function| $ function| jQuery object| jQuery1124011029965211421522 object| ko function| Sammy function| _ object| DAL object| viewMediators object| viewModels object| common function| namespace object| Iag object| payment object| validations object| dataLayer object| app function| _headerText object| google_tag_manager function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| _qevents number| randomNumber object| scriptTag object| insertionNode string| conversionTag object| iagDataLayer object| dotq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YAHOO object| google_optimize function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc function| quantserve function| __qc object| ezt object| _qoptions object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ object| uetq object| _monsido function| UET string| monsidoTrackingUrl string| monsidoEnv

8 Cookies

Domain/Path Name / Value
.state.co.nz/ Name: _fbp
Value: fb.2.1586220704122.1490233059
.doubleclick.net/ Name: IDE
Value: AHWqTUlz-kMtPoN3rLg4FHcy7Jy3R0kz_M_IU6AbfCgw6AD5O9IZM_2kjqHYQxCs
.state.co.nz/ Name: _dc_gtm_UA-1423233-1
Value: 1
.state.co.nz/ Name: _gcl_au
Value: 1.1.1668669891.1586220704
.state.co.nz/ Name: _ga_VK6RXXQ2F8
Value: GS1.1.1586220704.1.0.1586220704.0
.state.co.nz/ Name: _ga
Value: GA1.1.1274211924.1586220704
.secure.state.co.nz/ Name: __qca
Value: P0-119349092-1586220704301
.state.co.nz/ Name: _gid
Value: GA1.3.1412444381.1586220704

1 Console Messages

Source Level URL
Text
console-api log URL: https://secure.state.co.nz/payment/bundles/jquery?v=B5P_cOUpN2dCFLPRCXPN6-o_kuqc-1DIVvnc31hZayc1(Line 1)
Message:
[Tue Apr 07 2020 02:51:43 GMT+0200 (Central European Summer Time)] body runRoute get /payment#/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8062289.fls.doubleclick.net
ad.doubleclick.net
bat.bing.com
cdn.monsido.com
connect.facebook.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pixel.quantserve.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
secure.state.co.nz
stats.g.doubleclick.net
tracking.monsido.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
172.217.22.2
172.217.22.6
172.217.23.98
202.50.1.200
2600:1901:0:891c::
2600:9000:20eb:800:6:44e3:f8c0:93a1
2600:9000:2156:a600:3:4b74:18c0:93a1
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
91.228.74.203
91.228.74.208
0a51b89580da16cd4b2b51d9a16fa1ef325e2210931d43d95fe0d9bc9f67b487
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589
0eaee055c5b2d37542f0b6dfd7d04dd71a41fec2cf20c08b99eee09766ed808b
0f4fa5819f63d90de83f5d2fb30f9ecfc2db0cd580f039fffb28da242ba15f2f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16ca3c71f7f41ecd096ecf140001975efde3f5dc48598ca3f490dd769b3f6b98
17dd560fed5a0713a3f47f70269fe1d3f9e1cdc3bc47fbcd114c6ebcb56d295f
1cc657c390692096c0fd899fb5ddeb76eb79981db1154ab3decc1e81414516dd
20bd3b5c3c88e70ffeddce481fc1d7d1a6dffcd58260f7daf811533a3c17878e
20cb7de4b8acff93c55829468208abfaa679b56b837751867ddeb457d9ed234c
348abdd0488e0981802b0e68a68f731fa1b0d6022c9ac10d05740cd19e19c3b6
3fbd959739c9b33fcd02bd735c636da9a2ae9e009c50d1fcf29734419f410f30
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d8bc838393262ade17656b1ac75cdaa7ea8e38fd75e05a20ce18a3bf3b1ec99
5e04bcd07e92466c3dfc390d2bb2514fd7c60e2cd7f9ecca73a077a1a86555bd
716b2c19a35718f38edb10d2b08ca2b6d146cbbee7026b9113071cbe5e1275a1
730a0aa33d555b9facb3840c9ec4f079c22091d7b0811e98f2eda448898eecbe
7c92321037b05ba8e7e23afbd1325b74cf48b19e76e44d3ff1ad4e684583590d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d47bb101a990bf0469408e2b68008c1e8f0646c2192e8da76caba11edfc252a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5449a95a2f7b2bf0df366c76f7a2b89407640432fa50f7918297b2009658175
bbb41ecc6d2acd0eece21878c316fa485339bddb9917cb9ac45c13594cf7c705
c037ce928484501a06594d3a23a2fceb9da4bdff02165ee3fd3d92e55cafe51e
c23b28ae2f26e77efb892e785d5bb4f04fc17e505478845b65b772a7e817e52c
ccb5e77f8a30438dd3881f037eafe758583b222d7e190706040e38737dfd3d72
cd4a569a91fd47eaff8d02a71c4cc863702fd73322c9d70be888bc80e334bdb8
cda5ab1536a276dc29494a38edb57e15351c55d8cfc38665cd2bb718cf2ec657
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d81a6b96416c0fc534fe4adc58863c0780696aac4dbfedfce12056250d5cc769
d9ba2fe346685d07142d6c944b479f618a6f3b0a9b058c79433c07f009e9792e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c283757f4c989d17cc064ae4a058b466a4b912356adaab87f06da80b7da39f
e5cbf7fa728265f1f58c49f38f029d3ed0cf5040363bc3c11259dd21c346efae
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3857470caccc86cd7e0e57258c07d7184f8767889a288a606e180dc4d343063