urlscan.io logo urlscan.io
SecurityTrails logo

www.kiwibank.co.nz Open in urlscan Pro
203.134.79.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mykiwibank.co.nz/
Effective URL: https://www.kiwibank.co.nz/personal-banking/
Submission: On August 13 via automatic, source certstream-suspicious — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 58 HTTP transactions. The main IP is 203.134.79.57, located in Sydney, Australia and belongs to VOCUS-RETAIL-AU Vocus Retail, AU. The main domain is www.kiwibank.co.nz.
TLS certificate: Issued by DigiCert EV RSA CA G2 on August 18th 2023. Valid for: a year.
This is the only time www.kiwibank.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.153.183.151 16509 (AMAZON-02)
1 22 203.134.79.57 9443 (VOCUS-RET...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
4 203.134.79.59 9443 (VOCUS-RET...)
2 2404:6800:400... 15169 (GOOGLE)
2 34.49.241.189 396982 (GOOGLE-CL...)
2 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:1415:3c0... 20940 (AKAMAI-ASN1)
2 142.250.204.6 15169 (GOOGLE)
2 18.211.190.159 14618 (AMAZON-AES)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 172.217.24.34 15169 (GOOGLE)
1 142.250.204.2 15169 (GOOGLE)
1 2 142.250.66.230 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.66.227 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
58 22
1    54.153.183.151 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-183-151.ap-southeast-2.compute.amazonaws.com
mykiwibank.co.nz
22    203.134.79.57 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: 57.79.134.203.core.vocus.network
www.kiwibank.co.nz
media.kiwibank.co.nz
1    2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optimizely.com
1    2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)
a25750620975.cdn.optimizely.com
4    2404:6800:4006:811::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    203.134.79.59 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: 59.79.134.203.core.vocus.network
media.kiwibank.co.nz
rates.kiwibank.co.nz
2    2404:6800:4006:80f::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.youtube.com
2    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
2    2404:6800:4006:80b::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f019:116:face:b00c:0:3 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:1415:3c00::1730:6012 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
ad.doubleclick.net
2    18.211.190.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-190-159.compute-1.amazonaws.com
7295740.collect.igodigital.com
nova.collect.igodigital.com
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f34.1e100.net
pagead2.googlesyndication.com
1    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
googleads4.g.doubleclick.net
2    142.250.66.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f6.1e100.net
4529611.fls.doubleclick.net
2    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2404:6800:4003:c1a::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net
www.google.co.nz
2    2a03:2880:f119:8083:face:b00c:0:25de (Sydney, Australia)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
26 kiwibank.co.nz
www.kiwibank.co.nz
media.kiwibank.co.nz
rates.kiwibank.co.nz
819 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
www.linkedin.com — Cisco Umbrella Rank: 914
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
4 KB
7 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1000
4529611.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
17 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
422 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 1042
a25750620975.cdn.optimizely.com
logx.optimizely.com — Cisco Umbrella Rank: 2460
102 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
68 KB
2 igodigital.com
7295740.collect.igodigital.com
nova.collect.igodigital.com — Cisco Umbrella Rank: 8949
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
76 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
1 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 20621
63 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
1 mykiwibank.co.nz
mykiwibank.co.nz
158 B
58 15
Domain Requested by
21 media.kiwibank.co.nz www.kiwibank.co.nz
media.kiwibank.co.nz
5 px.ads.linkedin.com 3 redirects snap.licdn.com
4 www.googletagmanager.com www.kiwibank.co.nz
www.googletagmanager.com
4 www.kiwibank.co.nz 1 redirects www.kiwibank.co.nz
2 www.facebook.com www.kiwibank.co.nz
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 4529611.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 pagead2.googlesyndication.com ad.doubleclick.net
2 ad.doubleclick.net www.kiwibank.co.nz
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 logx.optimizely.com cdn.optimizely.com
2 www.youtube.com media.kiwibank.co.nz
www.youtube.com
1 nova.collect.igodigital.com www.kiwibank.co.nz
1 www.google.co.nz www.kiwibank.co.nz
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 px4.ads.linkedin.com www.kiwibank.co.nz
1 www.linkedin.com 1 redirects
1 7295740.collect.igodigital.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 rates.kiwibank.co.nz media.kiwibank.co.nz
1 a25750620975.cdn.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com www.kiwibank.co.nz
1 mykiwibank.co.nz 1 redirects
58 25

This site contains links to these domains. Also see Links.

Domain
www.ib.kiwibank.co.nz
www.facebook.com
www.instagram.com
nz.linkedin.com
Subject Issuer Validity Valid
www.kiwibank.co.nz
DigiCert EV RSA CA G2		 2023-08-18 -
2024-09-17		 a year crt.sh
cdn.optimizely.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
logx.optimizely.com
WR3		 2024-07-20 -
2024-10-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-22 -
2024-08-20		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.collect.igodigital.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.co.nz
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.kiwibank.co.nz/personal-banking/
Frame ID: EF6DE7C3B568A3B3886E32BB5B79BDCE
Requests: 60 HTTP requests in this frame

Frame: https://a25750620975.cdn.optimizely.com/client_storage/a25750620975.html
Frame ID: 453AF56E7075549E5E0E5C76C4438EF8
Requests: 1 HTTP requests in this frame

Frame: https://4529611.fls.doubleclick.net/activityi;dc_pre=CM254JjE8YcDFeYQtwAdKHIzsg;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756407864;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9179784172z8810372621za201zb810372621;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F
Frame ID: E185882FA671C2EF2D430AEB0A53E548
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kiwibank - 100% Kiwi owned

Page URL History Show full URLs

  1. https://mykiwibank.co.nz/ HTTP 301
    https://www.kiwibank.co.nz/ HTTP 301
    https://www.kiwibank.co.nz/personal-banking/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

58
Requests

98 %
HTTPS

50 %
IPv6

15
Domains

25
Subdomains

22
IPs

3
Countries

1560 kB
Transfer

4661 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mykiwibank.co.nz/ HTTP 301
    https://www.kiwibank.co.nz/ HTTP 301
    https://www.kiwibank.co.nz/personal-banking/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D91072%26time%3D1723537141122%26li_adsId%3Db6845c8b-9259-43a9-b87c-f47536e4e938%26url%3Dhttps%253A%252F%252Fwww.kiwibank.co.nz%252Fpersonal-banking%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJN9lSyDB-hOQAAAZFK0bFQFO_0RwzjeJPOXAt3zHcZfz4_nhUNeAU09k3VZOpF4Hva6GS1
Request Chain 47
  • https://4529611.fls.doubleclick.net/activityi;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756407864;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9179784172z8810372621za201zb810372621;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F HTTP 302
  • https://4529611.fls.doubleclick.net/activityi;dc_pre=CM254JjE8YcDFeYQtwAdKHIzsg;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756407864;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9179784172z8810372621za201zb810372621;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kiwibank.co.nz/personal-banking/
Redirect Chain
  • https://mykiwibank.co.nz/
  • https://www.kiwibank.co.nz/
  • https://www.kiwibank.co.nz/personal-banking/
459 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
841c1e6df9bf8499942d1a3cc2a0dc7e1d0fce2366cbde2cbbe19193a5c22049
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ak-test
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 08:18:59 GMT
etag
"93d24a4bcf57a5123f7865964a0ca47a"
expires
Tue, 13 Aug 2024 08:18:59 GMT
last-modified
Wed, 07 Aug 2024 21:39:49 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 59277 0 pmb=mTOE,2
x-amz-cf-id
aeXINMYodKfaGDqKcbJvdliiEw43MK_-ogvYsfHCsNlfg4VRQzw8FQ==
x-amz-cf-pop
SYD62-P1
x-amz-version-id
kh5OOfMvhvawKoq4XhNsvmLju05v2B2T
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

ak-test
true
cache-control
max-age=0, no-cache, no-store
content-length
0
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
date
Tue, 13 Aug 2024 08:18:59 GMT
expires
Tue, 13 Aug 2024 08:18:59 GMT
location
/personal-banking/
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
8tJbnyDVfj7mND7xtrzCMmWQtODbEK0QJ7-E5pc3xAOoAeESdZbv8w==
x-amz-cf-pop
SYD62-P1
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
25879750142.js
cdn.optimizely.com/js/ 		404 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/25879750142.js
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2f520ddc00e7cd327596aaeff572c98b8e35ca16deb9ed8a58c45b2a5a88ae

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
date
Tue, 13 Aug 2024 08:18:59 GMT
content-encoding
gzip
x-amz-version-id
1AYx9AsCob6PK6enwIieEPl9mKhHQENJ
cf-cache-status
HIT
x-amz-request-id
DMRY0PEJ0BVWHCH6
age
166
x-amz-server-side-encryption
AES256
x-amz-meta-revision
7515
x-amz-replication-status
PENDING
content-length
103530
x-amz-id-2
xv1+oh8icqIMOEZD6m2fLIT0/YJ0Yo1PHVrl+yhBBKJaAg2KmMTAyQWgYuh7nT/nNriYtW4hltE=
last-modified
Mon, 12 Aug 2024 02:58:11 GMT
server
cloudflare
etag
"aa140761411f96930811222a11561195"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
cf-ray
8b274711ae1950ad-AKL
index.js
media.kiwibank.co.nz/static/js/ 		778 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/index.js
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
2ff1aaf00d87cf9bdbafb0058acf73b664cc0d54914e14ba9421badc5d7f052d
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
AkCpmk98CFuaNZWA1RimBkaqGMBf805C
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
224485
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:55 GMT
etag
W/"c9b695b62b8d98d9fdd67bb92191c6ee"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=358
x-amz-cf-id
E24lL-VtBAwoXPhDlmle2YOrbW4mfhE9b4q2JiTus5HznnA2GP6FkA==
index.css
media.kiwibank.co.nz/static/js/ 		311 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/index.css
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
60557e4fd3e6fe02d969a992a814a87da77e4a133c68ee7fe490094446d10380
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
pmCoEMIZrgYYq8_5OaVbgF0aBM6q1ymT
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
48506
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:54 GMT
etag
W/"1e50dedfb3e4d76ae6d3c061c690a1cb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
ak-test
true
cache-control
public, max-age=417
x-amz-cf-id
16mM3kr-aYawSL9UkBX5VvTj-xYk2GVEeJykMTRwA9B2DWiH5337Qg==
396d4feb
www.kiwibank.co.nz/akam/13/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kiwibank.co.nz/akam/13/396d4feb
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
f5d839c7d87910f7477b77c8e63bf4df009223b255eb7cd432e525ca9d7adbcb
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/personal-banking/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8578
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 22 Feb 2024 19:41:33 GMT
etag
"fd120eb1830aac495843951a8b8b07f3254052f8930b572b0b832f577383a2f1"
stored-attribute-sha-checksum
f5d839c7d87910f7477b77c8e63bf4df009223b255eb7cd432e525ca9d7adbcb
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
max-age=21600
expires
Tue, 13 Aug 2024 08:19:00 GMT
St_lukes_branch_natural_language_.2e16d0ba.fill-768x530.webp
media.kiwibank.co.nz/media/images/ 		17 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kiwibank.co.nz/media/images/St_lukes_branch_natural_language_.2e16d0ba.fill-768x530.webp
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
ebad94c28ae40a01cf20db25c1bc13fd7681ca14c7aca146bd95fb9232fbb13f
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
fHHEDPbeVwgdKrkZtJtUTrPN4LssThGs
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
16950
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:03:32 GMT
etag
"3419083ddc1f54ad02b248a97ee5b804"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
ak-test
true
cache-control
public, max-age=658
accept-ranges
bytes
x-amz-cf-id
wv4CkJhc5OpEke14l_cj0173-ILSGKQu1P86eNWHd5vD5tpbc40VhA==
St_lukes_branch_natural_language.2e16d0ba.fill-1536x800.webp
media.kiwibank.co.nz/media/images/ 		48 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kiwibank.co.nz/media/images/St_lukes_branch_natural_language.2e16d0ba.fill-1536x800.webp
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
8526828eaedcb2a9b5a5ab4360839f8f97b07162f3d49c868af771c62ca0a8da
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
zHwZRX0SarEdMo64APiohUIamQOpKLWI
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
49544
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:03:32 GMT
etag
"96f6e0c6a690794579865e6769e0c68a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
ak-test
true
cache-control
public, max-age=699
accept-ranges
bytes
x-amz-cf-id
B7e8PSrj4hDnKwBLiFZtL4jybxi3a1-L9k7CR-wHXWuASacrZ7-FzA==
Family_in_pool_1across.2e16d0ba.fill-960x500.webp
media.kiwibank.co.nz/media/images/ 		44 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kiwibank.co.nz/media/images/Family_in_pool_1across.2e16d0ba.fill-960x500.webp
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
a80d86445f42dc5dfe47b9186cb32165fa08a412d7c01ad0744ec72d2cea7aa1
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Onl6j7mUDQYBPaVGq9JDX5uNJIRC6EXP
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
45483
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 02:55:41 GMT
etag
"ca22cae625b06cddbaf4d71939475afb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
ak-test
true
cache-control
public, max-age=418
accept-ranges
bytes
x-amz-cf-id
hBSmPXkf4XNhMvZOMlVxXON2SObrNEvDVmdy6g3F_zi3Xyq6S7tXPw==
a25750620975.html
a25750620975.cdn.optimizely.com/client_storage/ Frame 453A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a25750620975.cdn.optimizely.com/client_storage/a25750620975.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/25879750142.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.kiwibank.co.nz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
582
cache-control
max-age=120
cf-cache-status
HIT
cf-ray
8b274713be81a888-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 08:18:59 GMT
last-modified
Mon, 12 Aug 2024 02:58:04 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
J2Wh1PIHpy8pTZEyIDCM2KAgVGI9fHPjwb5xy1er3F5D+6wGptfSVmR/Kc4a4KvWwsi7u0Njq5k=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
BT4CAB85GZA19BSW
x-amz-server-side-encryption
AES256
x-amz-version-id
f4jAZ7UfL_Mz_GwpV8vfg6WACzr7aBrP
gtm.js
www.googletagmanager.com/ 		561 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff5bdbc51b734d8503166e388e6739fee8d294a5f84265bb9fdd93632e9ed09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134929
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 08:19:00 GMT
truncated
/ 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce493fd038b886970b0e53c9ed2e7c375c6730269ac3427567830ccfb3f4f081

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		368 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7865d97da648c588b3a7159603e22e07e5b49ae4a7bbdc4a832e4dcd4b8397fd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
ab8dce4e67a38a808df9.woff2
media.kiwibank.co.nz/static/js/ 		33 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/ab8dce4e67a38a808df9.woff2
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.59 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
59.79.134.203.core.vocus.network
Software
/
Resource Hash
eab4cb1f9377b0cd9abb73d9736629c4723a4545e9616f0056562902b7f27d46
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.kiwibank.co.nz/static/js/index.css
Origin
https://www.kiwibank.co.nz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
62FNSyGecwgLCSXFiuH.7zytwdXZpHBZ
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
34222
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Jun 2022 04:44:09 GMT
etag
"e846cd09bd660043c688e01cc16a48dc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
access-control-max-age
3000
access-control-allow-methods
GET
cache-control
public, max-age=18
access-control-allow-origin
*
ak-test
true
accept-ranges
bytes
x-amz-cf-id
gAz7P3CrvwYnGJfzA8kU80pIMV_K5zV1bMaXBmtGB-fJen2rJD8YCg==
d51e96ced54a5d2a7949.woff2
media.kiwibank.co.nz/static/js/ 		34 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/d51e96ced54a5d2a7949.woff2
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.59 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
59.79.134.203.core.vocus.network
Software
/
Resource Hash
c99da29ec882f68a808f9b1e1d91f6c15c5b35fa139c03a23f47865bb90bfd4e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.kiwibank.co.nz/static/js/index.css
Origin
https://www.kiwibank.co.nz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
e8NEg4tQrcCKNPTu_X8ShvV3uoEdT6Nz
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
34714
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Jun 2022 04:44:11 GMT
etag
"0397cdd47f9e648c8fdaccf71005f3ea"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
access-control-max-age
3000
access-control-allow-methods
GET
cache-control
public, max-age=484
access-control-allow-origin
*
ak-test
true
accept-ranges
bytes
x-amz-cf-id
Ftr9d2kFswyc5mf_3ABgyUHbpLwaLqAc1V3rdhvv_SxLeAPI94cJug==
722851d4299c69fce6fb.woff2
media.kiwibank.co.nz/static/js/ 		33 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/722851d4299c69fce6fb.woff2
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.59 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
59.79.134.203.core.vocus.network
Software
/
Resource Hash
2b54c7a6706d32c4e4fe14c595fa80ef9b418d17c30d2141e533de941f4f04e6
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.kiwibank.co.nz/static/js/index.css
Origin
https://www.kiwibank.co.nz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
VliPFfTdl8bUYg8H4cmoKdenyGO_2jX1
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
33845
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Jun 2022 04:44:08 GMT
etag
"b7fbf122fd20f12e85d30d08332435e3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
access-control-max-age
3000
access-control-allow-methods
GET
cache-control
public, max-age=479
access-control-allow-origin
*
ak-test
true
accept-ranges
bytes
x-amz-cf-id
QveiFFymia1TD5O8oSiVnLmYyfGLENEp_GVEPJv3N9ExeHIE-KP_ow==
Co_own_friends_on_grass_728x728.2e16d0ba.fill-600x600.webp
media.kiwibank.co.nz/media/images/ 		115 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kiwibank.co.nz/media/images/Co_own_friends_on_grass_728x728.2e16d0ba.fill-600x600.webp
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
b6e517c380dd31c09ef8e2cd6d2f7103162d85f774fba81845028e7bc4d21f5c
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
bstCDeQnSIU1TI9A3ARcjYaQQwYQNBaM
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
117810
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 02:54:01 GMT
etag
"fdbb8ff60163365b9880ffb8e6b16c8e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
ak-test
true
cache-control
public, max-age=680
accept-ranges
bytes
x-amz-cf-id
XDNPP8ME-zQWNCiRb1coP0P94hypm0qsFSdBEDFhHd_T1OMcsdfA5g==
Family_and_gudgets_3_across_promo.2e16d0ba.fill-600x600.webp
media.kiwibank.co.nz/media/images/ 		36 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kiwibank.co.nz/media/images/Family_and_gudgets_3_across_promo.2e16d0ba.fill-600x600.webp
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
40d05d6016f7c176d7bc3c9147b56a07c49ca608ade08e892ec5edb479a1ae7e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
HFXohwzi5_KoFys5xu1C7.FWF_OzWTYo
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
36483
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 02:55:39 GMT
etag
"7c1053896befd4c3fcfebdabe259676d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
ak-test
true
cache-control
public, max-age=320
accept-ranges
bytes
x-amz-cf-id
2n8Hua4cwEzAaV3Q3rvB5VvdfpsyQBCnjN_SVRID9QzR6tOReHLbQQ==
Mother_son_hugging_728x728.2e16d0ba.fill-600x600.webp
media.kiwibank.co.nz/media/images/ 		30 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kiwibank.co.nz/media/images/Mother_son_hugging_728x728.2e16d0ba.fill-600x600.webp
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
2c4e87a513ea1801e7e154b09bafece856838f0d42766a715f6b8e768fdfd572
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
EBk33e9LfTlkR3iCthPT0WI7jsjIfa4L
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
30814
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:00:25 GMT
etag
"fb6f0e8c622c5d48de1b178d86fd2409"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
ak-test
true
cache-control
public, max-age=888
accept-ranges
bytes
x-amz-cf-id
3LdY90pQxIQBAdYXH36PV-r3LjeNntZ8FPYRajxgqY8-vynRWGdGKg==
523-68ae6c804f827126a7d5.js
media.kiwibank.co.nz/static/js/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/523-68ae6c804f827126a7d5.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
620cc2f280635e9c534f98a93b02e1dc4f19e783594e2aadefb4f31e5b26a445
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
UFj9NtqUTFvWXzF0AOqNSTsQfXTCBaUf
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8991
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 May 2024 00:19:44 GMT
etag
W/"ba11b0aa220f82cf8a7fca49f80ffc70"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=210
x-amz-cf-id
MsuiGhVISuvHPhAts3X1SXd9-72RqbjvSvbWf_-NdRyBhI3A6rWSoA==
component-natural-language.css
media.kiwibank.co.nz/static/js/ 		682 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/component-natural-language.css
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
67d7ee0aa03281121e1e9db4711635673972ea75c47131efb1d1fb4cf3367d66
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
tGc17XFKxSGferpk1adSnqwvqzdKZhMM
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:18:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
339
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 03:23:15 GMT
etag
"9822a1a19aea8ef7057a7792f58bc115"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
ak-test
true
cache-control
public, max-age=821
accept-ranges
bytes
x-amz-cf-id
e4gK6SsKK_AEH_89WQlzRuaqrMYXs5xEsoHITQKEbFRIjdGXpe-WqA==
component-natural-language-dc80a47ba5ef6c671361.js
media.kiwibank.co.nz/static/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/component-natural-language-dc80a47ba5ef6c671361.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
ada688b2704f80fe566b6a01904924adf5694fe36994210c3342b5bbc912cab3
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
dz4Dd5YV.dHd2XuSEYih3qyYw3TVuitA
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
3584
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:54 GMT
etag
W/"0ea2013de72cdb2c91d276518534cc1e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=900
x-amz-cf-id
V-F4uyJGlTFI6QAUMpxmO3C5-eKVzKfKdN_uZuf4kOn9h6Odid-UeQ==
tooltip-1aa5bd5a344d3bd38a70.js
media.kiwibank.co.nz/static/js/ 		626 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/tooltip-1aa5bd5a344d3bd38a70.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
760f4130fe16b62f45a613722ba3b2fbdf7b9d5b7fe222bf0ca6431386c72d39
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
018NuSTGj363ys3r2hFE8fkOj5TiG0lE
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
293
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:55 GMT
etag
"928986d5c249ded874fcda37dc83d05e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=605
accept-ranges
bytes
x-amz-cf-id
8r3CQBbtFhLgiz46fagh9mFcgWWtGYl__5BEjUew5Vy7OKR1X3L5pA==
442-af6d357c8b5595dc7371.js
media.kiwibank.co.nz/static/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/442-af6d357c8b5595dc7371.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
ad24c4fedd39cd1c568f38d553b4c1c7ef92b31637c63e40f09518d59f905405
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
GIPkp77DjqQmLW3sapoj_aWoK.sSc9Vp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
11121
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 03:23:13 GMT
etag
W/"d9a10ddb7278d6c18953333182bd016e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=668
x-amz-cf-id
zP91XiG0txxNMGbW0WjhoErChOFsFcRUN82iNUClO-s6Svaz41n1AA==
component-rates-carousel-1f60b60e92d0c3b085f2.js
media.kiwibank.co.nz/static/js/ 		510 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/component-rates-carousel-1f60b60e92d0c3b085f2.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
9f881d6d31506cf5bd3861e275fc32bceed57709b573c1ff6cee31762c2af669
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
vNsg4m0urthOegmY_5oCSQEhvJawd3_2
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
336
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:54 GMT
etag
"96ead99bca0e2ea60745adf0f597029b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=647
x-amz-cf-id
hwPBvJP6GgpMQc_ILAprPBsi9FrTngzuNtEvnKq7G-JTWMyrz8sODg==
content-group-a71bb3f89fc1d486ebd7.js
media.kiwibank.co.nz/static/js/ 		798 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/content-group-a71bb3f89fc1d486ebd7.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
01e50c17f8de9d6f58e5ba934663664e815563924aef92b771412f19775fd9e6
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
m3oXXkxNJQ96qDVgdPg2ZDn3y8sabFgM
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
413
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:54 GMT
etag
"b5115000cc4f4a201c54fdedcbe1d010"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=636
accept-ranges
bytes
x-amz-cf-id
7864VbzoPkRCPI6_Q-ccMqi14hTla_jKApM-IS_8_odCRGnH7Y97QA==
698-6500d96a16275cf7ddb0.js
media.kiwibank.co.nz/static/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/698-6500d96a16275cf7ddb0.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
510e88eb10204245847d62bfcd29255c84b41760eaa3f6da74d0dd568d894d57
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
7hS6zl1AX1jIsef7PMGS4uBIWDqZJroo
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
13045
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 May 2024 00:19:44 GMT
etag
W/"6f5603a44df4f01d80158be44da1ab09"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=647
x-amz-cf-id
0iMJ04lHfdNqY-Rgx89yY7ZlcTZ5oEJRsSRFHR9jzs-L1fitMiYUpg==
component-share-button-364e311be5b7847c2b3e.js
media.kiwibank.co.nz/static/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/js/component-share-button-364e311be5b7847c2b3e.js
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
bbb29359ab1a6b6dcf3f9bbef1cddaa956dfb119ea95bf3dce794329a4b51f67
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
9u6CtfbaeFX6O8DTXkVinbc5Dgg3mcgn
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1518
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 03:11:54 GMT
etag
W/"b6437795e22bfd799bd3df832266ae12"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
ak-test
true
cache-control
public, max-age=763
x-amz-cf-id
rnt-ErkdyT3T8IpOXoI92L4gU25IpbyPmZFQbiCdDyGVkgdly1I6LQ==
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bab55dee7ee4a2031239ae1e9a2cc0a1225406f1f4575507cdd1e2eb2ac4c18c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 13 Aug 2024 08:19:00 GMT
rates
rates.kiwibank.co.nz/api/v1/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rates.kiwibank.co.nz/api/v1/rates?id__in=563,571,391
Requested by
Host: media.kiwibank.co.nz
URL: https://media.kiwibank.co.nz/static/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.59 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
59.79.134.203.core.vocus.network
Software
/
Resource Hash
8117da7ee1347fa8d746a486dadd49bcc07ddde81e10d0e174b86f3a2473b7e6
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SYD62-P3, SYD62-P3
x-amzn-requestid
791fbd07-c6fc-49e4-abf9-367e479d7a37
ak-test
true
x-amz-apigw-id
ccCA4E37SwMECTA=
content-length
877
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
Root=1-66bb16d2-15da6d7b3af95e1357bbd0ae
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-frame-options
DENY
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key
x-amz-cf-id
eLqm6LtiXRx1uu7X2oagGUJoSKGtcDsJ-0L-MzJZwf4amkpbOy-xZg==
expires
Tue, 13 Aug 2024 08:19:00 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
www-widgetapi.js
www.youtube.com/s/player/1c78e434/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1c78e434/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:28:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
435048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10557
x-xss-protection
0
last-modified
Thu, 08 Aug 2024 04:13:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 08 Aug 2025 07:28:12 GMT
events
logx.optimizely.com/v1/ 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/25879750142.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
722925c4-e0e5-4cbd-a534-38c7722c6341
pixel_396d4feb
www.kiwibank.co.nz/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kiwibank.co.nz/akam/13/pixel_396d4feb
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/akam/13/396d4feb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/personal-banking/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
ak-test
true
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
0
x-xss-protection
1; mode=block
expires
Tue, 13 Aug 2024 08:19:00 GMT
destination
www.googletagmanager.com/gtag/ 		332 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-YWSBZ1JMCH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a242e6dd34d95eaf4ab6d4e417c0de8da536d2b2129504ee2a534efc9566fcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 08:19:01 GMT
js
www.googletagmanager.com/gtag/ 		332 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YWSBZ1JMCH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39a1c54b3b123aa509bdb5f1cba98f18de31912a0193e468e8f2da54f04b22ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108185
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 08:19:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 07:20:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3538
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 13 Aug 2024 09:20:03 GMT
destination
www.googletagmanager.com/gtag/ 		218 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4529611&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d67be4d061f00dbe60b42887bb9c909d0cd199f4937dd6a860e95bb6746269a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79846
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 08:19:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f019:116:face:b00c:0:3 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46f9ebc71ea0a6d60f5db1f84efa2a862280cde4302999ab36a0df7c1c5cee87
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Aug 2024 08:19:01 GMT
document-policy
force-load-at-top
x-fb-server-load
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58862
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
MODERATE; q=0.3, rtt=200, rtx=0, c=12, mss=1368, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
9hNMCS8FJ2HHTrvIgg/r7RxAXJrSw3RMEvYTpcsEs/soaNcdO0agZCjosGpBRBoy9oxYBMwWtI9sb2WEvI4jDw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3c00::1730:6012 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 28 Jul 2024 07:35:22 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=23730
accept-ranges
bytes
content-length
14597
B20356225.206313549;sz=1x2;ord=165216202137
ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
692042f7b66a055515877f096a624fb12979229cb2b35c0cab007c88601cdffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16351
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect.js
7295740.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://7295740.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99LDZH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.190.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-190-159.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
gzip
last-modified
Mon, 12 Aug 2024 20:16:44 GMT
vary
Accept-Encoding
content-type
application/javascript
/
px.ads.linkedin.com/wa/ 		0
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 08:19:00 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5DA1FAA68D0E4E4E962556422EAF25E2 Ref B: SYD03EDGE2120 Ref C: 2024-08-13T08:19:01Z
linkedin-action
1
vary
Origin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.kiwibank.co.nz
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYfjEMRVq9SLrmQEN2ymw==
attribution_trigger
px.ads.linkedin.com/ 		2 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=91072&time=1723537141122&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B48AE47D4AE7490AA9545CA59FD24937 Ref B: SYD03EDGE1406 Ref C: 2024-08-13T08:19:01Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYfjEMRPzKtduyEFH0Crg==
x-fs-uuid
00061f8c43113f32ad76ec84147d02ae
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookies...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D91072%26time%3D1723537141122%26li_adsId%3Db6845c8b-9259-43a9-b87c-f47536e4e938%26...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookies...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookie...
0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJN9lSyDB-hOQAAAZFK0bFQFO_0RwzjeJPOXAt3zHcZfz4_nhUNeAU09k3VZOpF4Hva6GS1
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FD39E5F7C4D64A3AA4E4CE1BAB285B10 Ref B: SYD03EDGE0807 Ref C: 2024-08-13T08:19:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYfjEMiYpLgdufZ369yIw==

Redirect headers

date
Tue, 13 Aug 2024 08:19:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4CEE21B4B94E430787A125BF1EEFE29C Ref B: SYD03EDGE2120 Ref C: 2024-08-13T08:19:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=91072&time=1723537141122&li_adsId=b6845c8b-9259-43a9-b87c-f47536e4e938&url=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJN9lSyDB-hOQAAAZFK0bFQFO_0RwzjeJPOXAt3zHcZfz4_nhUNeAU09k3VZOpF4Hva6GS1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYfjEMciYk3kdS/GZWn8A==
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ 		204 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 09:14:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/elements/html/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
60788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 15:25:53 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrAI_7oIK5wOU6zQSnrVp2lWhp1ZDL4MUGMv4OqkXHb9XTnGC0lgM2YHzH5HG9Ko9QeZNT4-CMkltVi5Xx39f5zHIgCe0-8AZ84etfiWWxT26c0kotrFvoFpjelOOozFn5b5r1vMw7h0-4x5qtnpQXUyaUNnGohwVfVtBaEg&sai=AMfl-YSxjYSFLGWsoejyHpQ6G92s9k8lvYotjj_iJS8Vy2wbMUoHrYxoDQXyrBVVTROyphX_bI4GUpWFXWs8DCA&sig=Cg0ArKJSzNeeHeclcHGUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20240807.31119&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 08:19:01 GMT
activityi;dc_pre=CM254JjE8YcDFeYQtwAdKHIzsg;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;p...
4529611.fls.doubleclick.net/ Frame E185
Redirect Chain
  • https://4529611.fls.doubleclick.net/activityi;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F...
  • https://4529611.fls.doubleclick.net/activityi;dc_pre=CM254JjE8YcDFeYQtwAdKHIzsg;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.ki...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4529611.fls.doubleclick.net/activityi;dc_pre=CM254JjE8YcDFeYQtwAdKHIzsg;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756407864;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9179784172z8810372621za201zb810372621;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4529611&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1495
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 08:19:01 GMT
expires
Tue, 13 Aug 2024 08:19:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 08:19:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4529611.fls.doubleclick.net/activityi;dc_pre=CM254JjE8YcDFeYQtwAdKHIzsg;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756407864;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9179784172z8810372621za201zb810372621;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756...
ad.doubleclick.net/ 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4529611;type=kiwib0;cat=kiwib00;ord=1;num=2761694393972;npa=0;auiddc=776791622.1723537141;u1=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F;ps=1;pcor=1756407864;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9179784172z8810372621za201zb810372621;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F?
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:01 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"11960067833338137772"}],"aggregatable_trigger_data":[{"filters":[{"14":["2111161"]}],"key_piece":"0x8ba39ffc84dbf1a5","source_keys":["12","13","14","15","16","17","18","19","20","21","16254132","16254133","16254134","16254135","628587276","628587277","628587278","628587279","634905756","634905757","634905758","634905759","638469636","638469637","638469638","638469639","638536896","638536897","638536898","638536899","638544100","638544101","638544102","638544103","638615928","638615929","638615930","638615931","899995948","899995949","899995950","899995951","900076804","900076805","900076806","900076807","900154496","900154497","900154498","900154499"]},{"key_piece":"0xc4eef54587783311","not_filters":{"14":["2111161"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16254132","16254133","16254134","16254135","628587276","628587277","628587278","628587279","634905756","634905757","634905758","634905759","638469636","638469637","638469638","638469639","638536896","638536897","638536898","638536899","638544100","638544101","638544102","638544103","638615928","638615929","638615930","638615931","899995948","899995949","899995950","899995951","900076804","900076805","900076806","900076807","900154496","900154497","900154498","900154499"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16254132":34,"16254133":34,"16254134":34,"16254135":3345,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628587276":32,"628587277":32,"628587278":32,"628587279":3177,"634905756":32,"634905757":32,"634905758":32,"634905759":3177,"638469636":54,"638469637":54,"638469638":54,"638469639":5297,"638536896":32,"638536897":32,"638536898":32,"638536899":3177,"638544100":50,"638544101":50,"638544102":50,"638544103":4889,"638615928":43,"638615929":43,"638615930":43,"638615931":4237,"899995948":40,"899995949":40,"899995950":40,"899995951":3973,"900076804":109,"900076805":109,"900076806":109,"900076807":10594,"900154496":46,"900154497":46,"900154498":46,"900154499":4540},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17929066549083590705","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11960067833338137772","filters":[{"14":["2111161"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11960067833338137772","filters":[{"14":["2111161"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11960067833338137772","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11960067833338137772","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4529611"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-YWSBZ1JMCH&gtm=45je4880v879255668z8810372621za200zb810372621&_p=1723537139798&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1676974976.1723537141&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723537141&sct=1&seg=0&dl=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&dt=Kiwibank%C2%A0-%20100%25%20Kiwi%20owned&en=experience_impression&_fv=1&_nsi=1&_ss=1&ep.exp_variant_string=OPT-29693750521(24-0011%20v2-%20Home%20page%20Quicklins%2C%20%20Search%20%2B%20quicklinks)-30040661093(Original)&tfd=2975
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YWSBZ1JMCH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YWSBZ1JMCH&cid=1676974976.1723537141&gtm=45je4880v879255668z8810372621za200zb810372621&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YWSBZ1JMCH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YWSBZ1JMCH&cid=1676974976.1723537141&gtm=45je4880v879255668z8810372621za200zb810372621&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=559744701
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=276046436&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&ul=en-nz&de=UTF-8&dt=Kiwibank%C2%A0-%20100%25%20Kiwi%20owned&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACgEKC~&jid=110024643&gjid=1911219787&cid=1676974976.1723537141&tid=UA-2943409-1&_gid=1814075643.1723537142&_slc=1&gtm=45He4880n81K99LDZHv810372621za200&cd4=2024-08-13T20%3A19%3A00%2B12%3A00&gcd=13l3l3l3l1&dma=0&tag_exp=0&cd6=1676974976.1723537141&z=274748964
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2943409-1&cid=1676974976.1723537141&jid=110024643&gjid=1911219787&_gid=1814075643.1723537142&_u=YCDAiEABBAAAAGgEKCC~&z=1951675909
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Aug 2024 08:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/ 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/25879750142.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
85da9779-87e1-483e-885f-74472c2f6956
track_page_view
nova.collect.igodigital.com/c2/7295740/ 		43 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/7295740/track_page_view?payload=%7B%22title%22%3A%22Kiwibank%C2%A0-%20100%25%20Kiwi%20owned%22%2C%22url%22%3A%22https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%22email%22%3A%22email%22%7D%7D
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.190.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-190-159.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
inline
x-xss-protection
1; mode=block
x-request-id
ea698058-ee94-44fd-9269-a8f79e0c6c13
x-runtime
0.007913
referrer-policy
strict-origin-when-cross-origin
etag
W/"98b3d9d20e032f90aca49e9b116225d5"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
private
1439347453033508
connect.facebook.net/signals/config/ 		79 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1439347453033508?v=2.9.164&r=c2&domain=www.kiwibank.co.nz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f019:116:face:b00c:0:3 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d7748fee9ab0b7907940b12dd464005ce504c9c73186bc68f9a041e07da3575
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Aug 2024 08:19:02 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
MODERATE; q=0.3, rtt=208, rtx=0, c=63, mss=1368, tbw=64366, tp=-1, tpl=-1, uplat=399, ullat=0
pragma
public
x-fb-debug
h5o9Sl0gr5Fu1dVPpEsSI5mU4rdid4XMTQZMEjJkRfJR25HIo9AMaZRQFHChxIUMv1+/KFgzFmDxqSDipJJ4Pw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1439347453033508&ev=PageView&dl=https%3A%2F%2Fwww.kiwibank.co.nz&rl=&if=false&ts=1723537142657&sw=1600&sh=1200&v=2.9.164&r=c2&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.2.1723537142656.28424429938446142&pm=1&hrl=92903e&ler=empty&cdl=API_unavailable&it=1723537142011&coo=false&tm=1&cs_cc=1&cas=6818167004955041%2C7103007033046335&rqm=GET
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
MODERATE; q=0.3, rtt=200, rtx=0, c=10, mss=1368, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Aug 2024 08:19:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1439347453033508&ev=PageView&dl=https%3A%2F%2Fwww.kiwibank.co.nz&rl=&if=false&ts=1723537142657&sw=1600&sh=1200&v=2.9.164&r=c2&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.2.1723537142656.28424429938446142&pm=1&hrl=92903e&ler=empty&cdl=API_unavailable&it=1723537142011&coo=false&tm=1&cs_cc=1&cas=6818167004955041%2C7103007033046335&rqm=FGET
Requested by
Host: www.kiwibank.co.nz
URL: https://www.kiwibank.co.nz/personal-banking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xafe3d811e6e2dcd4","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:5571121886235985","24:26616457031274949","24:8940732949334393","24:25973717688941114","24:7392531987532721","24:7663144143764937","24:2932406870204283","24:6501412076634896","24:6866989836713585","24:8439032396107689","24:2430302607025451","24:3195302623929364","24:3462194157193878","24:2337431493048518","24:3168700916552688","24:3148297291936209","24:2491530570914215","7830:5571121886235985","7830:26616457031274949","7830:8940732949334393","7830:25973717688941114","7830:7392531987532721","7830:7663144143764937","7830:2932406870204283","7830:6501412076634896","7830:6866989836713585","7830:8439032396107689","7830:2430302607025451","7830:3195302623929364","7830:3462194157193878","7830:2337431493048518","7830:3168700916552688","7830:3148297291936209","7830:2491530570914215","10853:5571121886235985","10853:26616457031274949","10853:8940732949334393","10853:25973717688941114","10853:7392531987532721","10853:7663144143764937","10853:2932406870204283","10853:6501412076634896","10853:6866989836713585","10853:8439032396107689","10853:2430302607025451","10853:3195302623929364","10853:3462194157193878","10853:2337431493048518","10853:3168700916552688","10853:3148297291936209","10853:2491530570914215","41:5571121886235985","41:26616457031274949","41:8940732949334393","41:25973717688941114","41:7392531987532721","41:7663144143764937","41:2932406870204283","41:6501412076634896","41:6866989836713585","41:8439032396107689","41:2430302607025451","41:3195302623929364","41:3462194157193878","41:2337431493048518","41:3168700916552688","41:3148297291936209","41:2491530570914215","8046:5571121886235985","8046:26616457031274949","8046:8940732949334393","8046:25973717688941114","8046:7392531987532721","8046:7663144143764937","8046:2932406870204283","8046:6501412076634896","8046:6866989836713585","8046:8439032396107689","8046:2430302607025451","8046:3195302623929364","8046:3462194157193878","8046:2337431493048518","8046:3168700916552688","8046:3148297291936209","8046:2491530570914215"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 13 Aug 2024 08:19:03 GMT
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402535664156831333", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
MODERATE; q=0.3, rtt=200, rtx=0, c=10, mss=1368, tbw=3109, tp=-1, tpl=-1, uplat=257, ullat=0
pragma
no-cache
x-fb-debug
bG9kxJ7Wy/fntGtfgSsg26tIhgxvS+tpLEo0lBicELounswdUUc60P5Uj2kO40HymYUUPOt2eZE870mBMUWrGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402535664156831333"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
media.kiwibank.co.nz/static/ 		17 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.kiwibank.co.nz/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.134.79.57 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
57.79.134.203.core.vocus.network
Software
/
Resource Hash
6ed681e11acce0ef6a21e065156b5cd51c2a1118b0d0c0f63a2486050dc57739
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
O8L8Il.SLq7750K1Vr.pxBPOdyHpivcb
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:19:03 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1112
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Jun 2022 23:07:09 GMT
etag
"b05ecaa85ddeb194699dffd57fb77b33"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
ak-test
true
cache-control
public, max-age=67
x-amz-cf-id
M6JozYs1TiX4zTmizW58tVXLuJWObpzwWI6iVhDNv6aO_u4Cz39jgA==
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-YWSBZ1JMCH&gtm=45je4880v879255668z8810372621za200zb810372621&_p=1723537139798&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1676974976.1723537141&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1723537141&sct=1&seg=1&dl=https%3A%2F%2Fwww.kiwibank.co.nz%2Fpersonal-banking%2F&dt=Kiwibank%C2%A0-%20100%25%20Kiwi%20owned&en=page_view&_et=4&tfd=7985
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YWSBZ1JMCH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.kiwibank.co.nz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 08:19:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwibank.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| optimizely function| get_ga_id object| dataLayer string| bazadebezolkohpepadr object| webpackChunkkiwibank_public function| clearImmediate function| setImmediate object| regeneratorRuntime function| iFrameResize function| onYouTubeIframeAPIReady boolean| ratesLoaded string| urhehlevkedkilrobacf object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids object| _linkedin_data_partner_ids boolean| _already_called_lintrk number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| eventType function| lintrk object| ORIBILI function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| gaGlobal object| gaplugins object| gaData object| _etmc object| _etmc_temp string| func_name object| args string| collect_url function| jspbGetTypeName number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| omrhp

25 Cookies

Domain/Path Name / Value
.kiwibank.co.nz/ Name: optimizelyEndUserId
Value: oeu1723537139595r0.363045763907629
.youtube.com/ Name: YSC
Value: 9lbh9UJ1opk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8PUb9kFhV3s
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJOWhIEGgAgTQ%3D%3D
.kiwibank.co.nz/ Name: ak_bmsc
Value: BE6307E3A1144C1777FDA5A29BFA206B~000000000000000000000000000000~YAAQN0+Gyx5B/kORAQAATqzRShh7+d6KKiqOpaYNoBqXTw2fjaB0mAl550jEr6HVQ1darEEGnaZ5n83IvGPA3M2KEfVgPFRBYCyrMflrhZ38Phyy5tYAJZ27ncTzfy3feJFrcE2HMhXLCziuC4NhrlFFAha6LOWx2f9usFepA2EbHeJY9o9TSAEo39YTp1NKmO/MS9jCpOF1wQdV/MWjN53pKeGV4dFYcsU+VvIKydmKMX/DNOZ70L+62td42jtUbMUsrKNl65u6WnA25InYt9/BJ4mDZM+eSiFvJrbKRn44r3m6gO06IltnrllZ18nlIj8FZHY1xZB8WB+qas48r/YWhyDs+IHl3BEFbsGJPDJg9+7cB89PsFSMUOhj3a317VrX1hzMbYuLiC4zXfGWHhGpXgTyMRDrY59n9ZF+uKC1F5yly6fzWjEfyZmv2AgLMDa2p3HhP7SvQz56tXywCw==
.kiwibank.co.nz/ Name: _gcl_au
Value: 1.1.776791622.1723537141
.doubleclick.net/ Name: APC
Value: AfxxVi5iXLz02v3zyRgPAkP8AkuM81eN0jb9C4MBBbaxBHPT97zohg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: li_sugr
Value: 55fe6cc9-9859-4f45-858b-232354a1dbc2
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2974:u=1:x=1:i=1723537141:t=1723623541:v=2:sig=AQFKz9qMzo6rG4BYeAfPUt5TqetaGq1e"
.kiwibank.co.nz/ Name: _ga_YWSBZ1JMCH
Value: GS1.1.1723537141.1.1.1723537141.60.0.0
.kiwibank.co.nz/ Name: _ga
Value: GA1.3.1676974976.1723537141
.kiwibank.co.nz/ Name: _gid
Value: GA1.3.1814075643.1723537142
.kiwibank.co.nz/ Name: _dc_gtm_UA-2943409-1
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQId7-P9fKl1dQAAAZFK0a9oDTQC5InitAiX-QM6g5kHO1sA1XRfeOGONgVbOYnf1hfPlqUCZju6xQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJQq0tHAiwfbgAAAZFK0a9oUvpxWCABPNL4DoafU0sN8TL-ZoKNlNNrpBmEiwnP9gB4ZS6hO_ybRao45y1Vmw
.linkedin.com/ Name: bcookie
Value: "v=2&a911c8fe-f1ad-4627-8caa-237e4a86ee2a"
.doubleclick.net/ Name: IDE
Value: AHWqTUncKdhiQI0a2LmVRVxutIHwaefuHcy-WirAfNZrtQqruX85j8dFo-mxgSlJ4aM
.igodigital.com/ Name: igodigitaltc2
Value: b269d37e-594c-11ef-9237-5e133392de29
.igodigital.com/ Name: igodigitalst_7295740
Value: b269da86-594c-11ef-9237-5e133392de29
.igodigital.com/ Name: igodigitalstdomain
Value: 29578
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240813081901079672a5-2c42-42a3-8f6b-cde6b617f20aAQHVD744JdISvwgMJgUpgO8LYxjZo_yj"
.kiwibank.co.nz/ Name: _fbp
Value: fb.2.1723537142656.28424429938446142
.yahoo.com/ Name: A3
Value: d=AQABBPcWu2YCEKAfjnLkgWKhV5Edij_sXMkFEgEBAQFovGbEZg3-xiMA_eMAAA&S=AQAAAl_j_72VQJJgFKGyduWehaQ

4 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N2758.197812NSO.CODESRV/B20356225.206313549;sz=1x2;ord=165216202137?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://7295740.collect.igodigital.com https://*.doubleclick.net https://api.addressfinder.io https://api.lo.ranqx.com https://calculators.gbst.com https://connect.facebook.net https://maps.googleapis.com https://media.kiwibank.co.nz https://*.googlesyndication.com https://snap.licdn.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googletagservices.com https://www.youtube.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.googletagmanager.com https://youtube.com https://www.youtube.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://media.kiwibank.co.nz;connect-src 'self' https://*.optimizely.com https://public-web-deployment.kb.ap-southeast-2.aws.found.io https://analytics.google.com https://api.kiwibank.co.nz https://api.lo.ranqx.com https://*.doubleclick.net https://maps.googleapis.com https://rates.kiwibank.co.nz https://public-web-deployment.ent.ap-southeast-2.aws.found.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.linkedin.com https://api.addressfinder.io; font-src 'self' https://fonts.gstatic.com https://media.kiwibank.co.nz https://fonts.googleapis.com;frame-src https://bugcrowd.com https://*.doubleclick.net https://cloud.communication.kiwibank.co.nz https://kiwibank.prod.digital.gbst.com https://www.youtube.com https://youtube.com https://a25750620975.cdn.optimizely.com https://a25750620975.cdn-pci.optimizely.com;img-src 'self' data: https://*.doubleclick.net https://i.ytimg.com https://maps.googleapis.com https://maps.gstatic.com https://media.kiwibank.co.nz https://nova.collect.igodigital.com https://*.linkedin.com https://www.facebook.com https://*.google-analytics.com https://www.google.co.nz https://*.googletagmanager.com https://app.optimizely.com https://cdn.optimizely.com https://www.google.com https://*.googlesyndication.com https://*.2mdn.net https://www.google.com.au; frame-ancestors 'self' https://app.optimizely.com; object-src 'self' data: ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4529611.fls.doubleclick.net
7295740.collect.igodigital.com
a25750620975.cdn.optimizely.com
ad.doubleclick.net
analytics.google.com
cdn.optimizely.com
connect.facebook.net
googleads4.g.doubleclick.net
logx.optimizely.com
media.kiwibank.co.nz
mykiwibank.co.nz
nova.collect.igodigital.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
rates.kiwibank.co.nz
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.googletagmanager.com
www.kiwibank.co.nz
www.linkedin.com
www.youtube.com
13.107.42.14
142.250.204.2
142.250.204.6
142.250.66.227
142.250.66.230
172.217.24.34
18.211.190.159
2001:4860:4802:36::181
203.134.79.57
203.134.79.59
2404:6800:4003:c1a::9b
2404:6800:4006:80b::200e
2404:6800:4006:80f::200e
2404:6800:4006:811::2008
2600:1415:3c00::1730:6012
2606:4700::6812:4139
2606:4700::6812:4239
2620:1ec:21::14
2a03:2880:f019:116:face:b00c:0:3
2a03:2880:f119:8083:face:b00c:0:25de
34.49.241.189
54.153.183.151
01e50c17f8de9d6f58e5ba934663664e815563924aef92b771412f19775fd9e6
0a242e6dd34d95eaf4ab6d4e417c0de8da536d2b2129504ee2a534efc9566fcc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b54c7a6706d32c4e4fe14c595fa80ef9b418d17c30d2141e533de941f4f04e6
2c4e87a513ea1801e7e154b09bafece856838f0d42766a715f6b8e768fdfd572
2ff1aaf00d87cf9bdbafb0058acf73b664cc0d54914e14ba9421badc5d7f052d
39a1c54b3b123aa509bdb5f1cba98f18de31912a0193e468e8f2da54f04b22ec
40d05d6016f7c176d7bc3c9147b56a07c49ca608ade08e892ec5edb479a1ae7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
46f9ebc71ea0a6d60f5db1f84efa2a862280cde4302999ab36a0df7c1c5cee87
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
4f2f520ddc00e7cd327596aaeff572c98b8e35ca16deb9ed8a58c45b2a5a88ae
510e88eb10204245847d62bfcd29255c84b41760eaa3f6da74d0dd568d894d57
5d67be4d061f00dbe60b42887bb9c909d0cd199f4937dd6a860e95bb6746269a
5d7748fee9ab0b7907940b12dd464005ce504c9c73186bc68f9a041e07da3575
60557e4fd3e6fe02d969a992a814a87da77e4a133c68ee7fe490094446d10380
620cc2f280635e9c534f98a93b02e1dc4f19e783594e2aadefb4f31e5b26a445
67d7ee0aa03281121e1e9db4711635673972ea75c47131efb1d1fb4cf3367d66
692042f7b66a055515877f096a624fb12979229cb2b35c0cab007c88601cdffc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed681e11acce0ef6a21e065156b5cd51c2a1118b0d0c0f63a2486050dc57739
760f4130fe16b62f45a613722ba3b2fbdf7b9d5b7fe222bf0ca6431386c72d39
7865d97da648c588b3a7159603e22e07e5b49ae4a7bbdc4a832e4dcd4b8397fd
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8117da7ee1347fa8d746a486dadd49bcc07ddde81e10d0e174b86f3a2473b7e6
841c1e6df9bf8499942d1a3cc2a0dc7e1d0fce2366cbde2cbbe19193a5c22049
8526828eaedcb2a9b5a5ab4360839f8f97b07162f3d49c868af771c62ca0a8da
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f881d6d31506cf5bd3861e275fc32bceed57709b573c1ff6cee31762c2af669
a80d86445f42dc5dfe47b9186cb32165fa08a412d7c01ad0744ec72d2cea7aa1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad24c4fedd39cd1c568f38d553b4c1c7ef92b31637c63e40f09518d59f905405
ada688b2704f80fe566b6a01904924adf5694fe36994210c3342b5bbc912cab3
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
b6e517c380dd31c09ef8e2cd6d2f7103162d85f774fba81845028e7bc4d21f5c
bab55dee7ee4a2031239ae1e9a2cc0a1225406f1f4575507cdd1e2eb2ac4c18c
bbb29359ab1a6b6dcf3f9bbef1cddaa956dfb119ea95bf3dce794329a4b51f67
c99da29ec882f68a808f9b1e1d91f6c15c5b35fa139c03a23f47865bb90bfd4e
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
ce493fd038b886970b0e53c9ed2e7c375c6730269ac3427567830ccfb3f4f081
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab4cb1f9377b0cd9abb73d9736629c4723a4545e9616f0056562902b7f27d46
ebad94c28ae40a01cf20db25c1bc13fd7681ca14c7aca146bd95fb9232fbb13f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d839c7d87910f7477b77c8e63bf4df009223b255eb7cd432e525ca9d7adbcb
ff5bdbc51b734d8503166e388e6739fee8d294a5f84265bb9fdd93632e9ed09f