fd.if.co.nz Open in urlscan Pro
2620:1ec:bdf::40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fd.if.co.nz/
Submission: On December 25 via api (December 25th 2023, 5:19:56 pm UTC) from US — Scanned from US

Summary HTTP 56 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 11 domains to perform 56 HTTP transactions. The main IP is 2620:1ec:bdf::40, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fd.if.co.nz.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.

This is the only time fd.if.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:1408:c40... 2600:1408:c400:29::17da:da44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.160.46.2 18.160.46.2	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:c40... 2600:1408:c400:29::17da:da4f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c08::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
1 2	142.251.167.148 142.251.167.148	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::67	15169 (GOOGLE) (GOOGLE)
1	18.164.96.46 18.164.96.46	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
56	18

27 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fd.if.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1408:c400:29::17da:da44 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-2.iad55.r.cloudfront.net

staticcdn.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:29::17da:da4f (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f148.1e100.net

10871575.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::67 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	if.co.nz fd.if.co.nz	3 MB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2954	71 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 10871575.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	3 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	1 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	34 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	86 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	185 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	staticcdn.co.nz staticcdn.co.nz — Cisco Umbrella Rank: 275322	1 KB
56	11

	Domain	Requested by
27	fd.if.co.nz	fd.if.co.nz
6	dev.visualwebsiteoptimizer.com	fd.if.co.nz dev.visualwebsiteoptimizer.com
3	use.typekit.net	fd.if.co.nz use.typekit.net
2	www.google.com	fd.if.co.nz
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	fd.if.co.nz connect.facebook.net
2	10871575.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	fd.if.co.nz www.googletagmanager.com
1	www.facebook.com	fd.if.co.nz
1	adservice.google.com	10871575.fls.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	staticcdn.co.nz	fd.if.co.nz
56	17

This site contains links to these domains. Also see Links.

Domain
instantfinance.co.nz
www.facebook.com
www.linkedin.com
www.youtube.com
www.fsf.org.nz
www.terabyte.co.nz

Subject Issuer	Validity	Valid
if.co.nz R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
staticcdn.co.nz Amazon RSA 2048 M01	`2023-09-30` - `2024-10-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fd.if.co.nz/
Frame ID: ED9837B954BA395B121A9E61B8A2B8C1
Requests: 54 HTTP requests in this frame

Frame: https://10871575.fls.doubleclick.net/activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F
Frame ID: 5CF5B0AFD47FDF88BE90DF9E0C25F691
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quick Personal Loan NZ | Easy Application | Instant Finance

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

56
Requests

98 %
HTTPS

71 %
IPv6

11
Domains

17
Subdomains

18
IPs

1
Countries

3839 kB
Transfer

5480 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://instantfinance.co.nz/make-a-payment/
Title: Pay Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/instantfinancenz/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/instant-finance-nz-limited/about/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrFJNOjtLuvqU6KZ_QS8UMQ

Search URL Search Domain Scan URL

URL: https://www.fsf.org.nz/
Title: .image-090bfbe5-3e52-42ed-9024-f2b0080d6c51 { padding-bottom: 84.52%; } Proud member of Financial Services Federation

Search URL Search Domain Scan URL

URL: https://www.terabyte.co.nz/
Title: Site by Terabyte

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://10871575.fls.doubleclick.net/activityi;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F HTTP 302
https://10871575.fls.doubleclick.net/activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fd.if.co.nz/ 97 KB
23 KB 1042ms
854ms Document
text/html 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ae63c584e46330bfe0e3e5915344fb37d490c33024ca077b769855f472a63a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 17:19:47 GMT
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-azure-ref: 20231225T171947Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rwr
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 sxq0ukn.css
use.typekit.net/ 3 KB
944 B 274ms
115ms Stylesheet
text/css 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/sxq0ukn.css

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b3d5a5578799af41b338a200e4b76f0c6cd047c919948bc32c7c4b5ae2b9f5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 25 Dec 2023 17:19:48 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 722

GET
H2 200 if.23-12-11T20-35-28.css
fd.if.co.nz/Content/css/ 340 KB
73 KB 839ms
838ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/Content/css/if.23-12-11T20-35-28.css

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e2b6056b23929f272e2e098c23a80f3e601fbfb904d1335a8fb12e2cb5050575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 11 Dec 2023 07:35:28 GMT
referrer-policy: strict-origin
etag: "1da2c049c9baed2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-azure-ref: 20231225T171947Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rx0
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 27 KB
8 KB 120ms
48ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=739937&u=https%3A%2F%2Ffd.if.co.nz%2F&vn=2
Requested by: Host: fd.if.co.nz
URL: https://fd.if.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsc2 /
Resource Hash: 0981b75093a4751d0c2221c43904ee84d6d20e4a25c36ea061890d1c6239f850

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
content-encoding: gzip
via: 1.1 google
server: gsc2
etag: W/"1703206213_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 polyfill.min.js Show response
fd.if.co.nz/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/ 4 KB
2 KB 841ms
840ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e96f2b2cde976e741236c5358aafbc25b3527eeb73431521da778414fabdc2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 11 Apr 2023 17:20:58 GMT
referrer-policy: strict-origin
etag: "1d96c99faf07626"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-azure-ref: 20231225T171947Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rx1
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 aspnet-validation.min.js Show response
fd.if.co.nz/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/ 13 KB
6 KB 848ms
847ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/aspnet-validation.min.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8735924912e8621afb450b705b6c645e1b2630b720ceaba2f8d6bb74b57e43ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 11 Apr 2023 17:21:00 GMT
referrer-policy: strict-origin
etag: "1d96c99fc219329"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-azure-ref: 20231225T171947Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rx2
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 if_logo_w.svg
fd.if.co.nz/media/1227/ 60 KB
60 KB 850ms
849ms Image
image/svg+xml 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1227/if_logo_w.svg

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62da310492340d4a48ce978270353832added78ea81b6a1862d69f39a3cec4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 19:12:50 GMT
etag: "1d9ddd177168b27"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171947Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rx3
content-type: image/svg+xml
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 60967
x-xss-protection: 1; mode=block

GET
H2 200 final-logos_if_btn_lng_t_if_btn_lng.png
fd.if.co.nz/media/1281/ 601 KB
603 KB 874ms
873ms Image
image/webp 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1281/final-logos_if_btn_lng_t_if_btn_lng.png?format=webp

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

420872c93dc6440530bba136272900520dc45fc6e2032559ebe48f856aee8628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 21:58:46 GMT
etag: "1d9dde8a55a0a62"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171947Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rx4
content-type: image/webp
x-cache: CONFIG_NOCACHE
cache-control: public, must-revalidate, max-age=604800
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 615778
x-xss-protection: 1; mode=block

GET
H2 200 wave-desktop.svg
fd.if.co.nz/Content/images/interface/ 2 KB
3 KB 233ms
227ms Image
image/svg+xml 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/Content/images/interface/wave-desktop.svg

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

584c4b733924cf596c2bd739e1e7cadba7268aa869e72f2f2652ea6601f49600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Mon, 11 Dec 2023 07:33:06 GMT
etag: "1da2c0447fb6d50"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryb
content-type: image/svg+xml
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 2128
x-xss-protection: 1; mode=block

GET
H2 200 wave-mobile.svg
fd.if.co.nz/Content/images/interface/ 461 B
1 KB 230ms
225ms Image
image/svg+xml 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/Content/images/interface/wave-mobile.svg

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b05cd0e05fcf4685ff941d59d013574b25e8c253f823631bc0d5c81c1661d649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Mon, 11 Dec 2023 07:33:06 GMT
etag: "1da2c0447fb64cd"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryc
content-type: image/svg+xml
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 461
x-xss-protection: 1; mode=block

GET
H2 200 ifn0107-homepage-if-390x650_x2-2.png
fd.if.co.nz/media/1258/ 133 KB
133 KB 245ms
240ms Image
image/png 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1258/ifn0107-homepage-if-390x650_x2-2.png

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

13d2d8da6cbb8ac9aef2f3ab57a9f993fd95674144d6e7bcba209bb4aeab12a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 19:12:23 GMT
etag: "1d9ddd166fc97b9"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryd
content-type: image/png
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 135737
x-xss-protection: 1; mode=block

GET
H3 200 va_gq-b6e6bf17e21eb033180063d085aca468.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 217 KB
58 KB 89ms
50ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-b6e6bf17e21eb033180063d085aca468.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=739937&u=https%3A%2F%2Ffd.if.co.nz%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsc2 /
Resource Hash: a1cd0d3fa24e9eee450eb7ffea3bf5351fd0e6e0cc69929cc5720265880cc387

Request headers

Referer: https://fd.if.co.nz/
Origin: https://fd.if.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 23 Dec 2023 08:04:30 GMT
server: gsc2
etag: "6586948e-e60a"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58890

GET
H3 200 nc-b6e6bf17e21eb033180063d085aca468.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 8 KB
3 KB 87ms
49ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/nc-b6e6bf17e21eb033180063d085aca468.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=739937&u=https%3A%2F%2Ffd.if.co.nz%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsc2 /
Resource Hash: 29a5d77c58c366a13e803b209394c63e4041fc35c6ef1ae4a0c4023703167bb7

Request headers

Referer: https://fd.if.co.nz/
Origin: https://fd.if.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 23 Dec 2023 08:04:30 GMT
server: gsc2
etag: "6586948e-ad0"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2768

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
51 B 60ms
57ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=739937&d=fd.if.co.nz&u=D922C53EA39422E2EB65685C5B65DB0B5&h=0320b594cce15ea846de1caf8b466b4b&t=false

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
BLOB 200
OK 9fafcd9a-828d-488a-ba43-ca50b3489769
https://fd.if.co.nz/ 362 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fd.if.co.nz/9fafcd9a-828d-488a-ba43-ca50b3489769
Requested by: Host: fd.if.co.nz
URL: https://fd.if.co.nz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 221a508f0feac12e9d65d7a9c8be9f7ec936f7b554da0361671c74cf295fd2c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 362
Content-Type: application/javascript

GET
H2 200 embed.js Show response
staticcdn.co.nz/embed/ 2 KB
1 KB 164ms
47ms Script
application/javascript 18.160.46.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staticcdn.co.nz/embed/embed.js
Requested by: Host: fd.if.co.nz
URL: https://fd.if.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-2.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a8996a4866b94877454218ae2202c8d1ac982a1a7d4870b07820d1b88fd576a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: UvKtLz1Ru5co14LjB0yKpSM3h39LwFYm
content-encoding: gzip
via: 1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
date: Mon, 25 Dec 2023 11:02:26 GMT
last-modified: Tue, 06 Jun 2023 21:35:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 22644
x-amz-server-side-encryption: AES256
etag: W/"a1c190aa2496322a03d0e1a782b5f5f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: 604800
x-amz-cf-id: 5iaOV0ku_0P9eh3esjlyH4vI-mLJvbPFADay9tksg_6w-3h2FmqCOw==

GET
H2 200 all.bundle.23-12-11T20-35-28.js Show response
fd.if.co.nz/content/scripts/dist/ 333 KB
139 KB 840ms
835ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/content/scripts/dist/all.bundle.23-12-11T20-35-28.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e1e70d2744a15f31b83ea9180ee772648dc1902ccac213c1226add4e86fd0d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 11 Dec 2023 07:35:28 GMT
referrer-policy: strict-origin
etag: "1da2c049c9bd3db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rye
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 200ms
56ms Stylesheet
text/css 2600:1408:c400:29::17da:da4f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=sxq0ukn&ht=tk&f=37363.37364.37369.37370&a=581788&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/sxq0ukn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da4f Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:48 GMT
last-modified: Fri, 14 Jul 2023 12:44:31 GMT
server: nginx
etag: "64b1432f-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
53 B 57ms
54ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=739937&u=D922C53EA39422E2EB65685C5B65DB0B5&s=1703524788&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1703524788268%2C%22tO%22%3A10%2C%22tz%22%3A%22Pacific%2FHonolulu%22%7D&cu=https%3A%2F%2Ffd.if.co.nz%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1703524788283&v=9ea1a0228

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:48 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 49ms
46ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=739937&settings_type=1&vn=&eventArch=1&uuid=&ec=557419&exc=7|10
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-b6e6bf17e21eb033180063d085aca468.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsc2 /
Resource Hash: a015caf241ecbc79a7045deed7a496a1205e503c263fabd1572e6c95d68efe9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
content-encoding: gzip
via: 1.1 google
server: gsc2
etag: W/"1703206213_EA"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
97 KB 176ms
70ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSN6C3N

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08286369285903ae7152ea5d68d6adf119171b8752937a4519b248fe4fb7f630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98449
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 17:19:49 GMT

GET
H2 200 refer-a-friend.jpg
fd.if.co.nz/media/1206/ 63 KB
64 KB 249ms
244ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1206/refer-a-friend.jpg?rxy=0.70833333333333337,0.52888888888888885&width=440&height=440&rnd=133020289744570000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04c71e9d41edc7c77cd4301c53f9b080ef69dc4db835e724a1600b8c7dc95592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 21:58:44 GMT
etag: "1d9dde8a422bf5f"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryf
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 64863
x-xss-protection: 1; mode=block

GET
H2 200 if_uspbanner.jpeg
fd.if.co.nz/media/1537/ 500 KB
501 KB 850ms
846ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1537/if_uspbanner.jpeg

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

720926a58a0091c5684da2ca7e606012de8903125c74632a75fba2b1aa11b9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 19:12:47 GMT
etag: "1d9ddd1754b6e89"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryg
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 511753
x-xss-protection: 1; mode=block

GET
H2 200 if-teal-square.png
fd.if.co.nz/media/1282/ 15 KB
15 KB 861ms
858ms Image
image/png 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1282/if-teal-square.png

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1a168f03ce61d791b9cc9df7bb9b036c504ade3256c144939ea0b70649fe385a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 19:12:49 GMT
etag: "1d9ddd1767df426"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rym
content-type: image/png
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 15014
x-xss-protection: 1; mode=block

GET
H2 200 logo-shielded.png
fd.if.co.nz/content/images/interface/logo/ 5 KB
6 KB 836ms
834ms Image
image/png 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/content/images/interface/logo/logo-shielded.png?v=20231111352168

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/Content/css/if.23-12-11T20-35-28.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4589441ac97df1033c946f3403b0199cfb05e8ba3e406e21013d1af6965dd06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Mon, 11 Dec 2023 07:33:06 GMT
etag: "1da2c0447fb7038"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryn
content-type: image/png
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 5432
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/bb8cda/00000000000000003b9b12cc/27/ 16 KB
17 KB 170ms
59ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bb8cda/00000000000000003b9b12cc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/sxq0ukn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d74aef1674d9906e8d90fd44c7af7be15633379011906f363ee1825fc42ac10c

Request headers

Referer: https://use.typekit.net/sxq0ukn.css
Origin: https://fd.if.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
server: nginx
etag: "a80fad643c1a368d2ef5a93887f1f75cdb4ba53c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16736

GET
H2 200 font-icons.woff2
fd.if.co.nz/Content/fonts/font-icons/base/fonts/ 20 KB
20 KB 856ms
855ms Font
font/woff2 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/Content/fonts/font-icons/base/fonts/font-icons.woff2?o6ebwd?v=20231111352168

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/Content/css/if.23-12-11T20-35-28.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee9610e5f1bce564dd41391b637f078a3482838e05df579873bcb80ae1bf43ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fd.if.co.nz/
Origin: https://fd.if.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Mon, 11 Dec 2023 07:33:06 GMT
etag: "1da2c0447fb2be4"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryh
content-type: font/woff2
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 20196
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/ba29c5/00000000000000003b9b12c5/27/ 16 KB
16 KB 166ms
54ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ba29c5/00000000000000003b9b12c5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/sxq0ukn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e2a10f0f3c6da9927d3cf98ce056c68d79ffab5e619940f078b481819f259723

Request headers

Referer: https://use.typekit.net/sxq0ukn.css
Origin: https://fd.if.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
server: nginx
etag: "c4daa5af2776f00e8c6683e716caa8540965c193"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16556

GET
H2 200 cocogoose.woff2
fd.if.co.nz/Content/fonts/cocogoose/ 54 KB
54 KB 838ms
837ms Font
font/woff2 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/Content/fonts/cocogoose/cocogoose.woff2?v=SvQ1gamY

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/Content/css/if.23-12-11T20-35-28.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb73c191adda694a2c81ed342ddd05364fb009a7b39b5d4ca1b1d36d79cb5dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fd.if.co.nz/
Origin: https://fd.if.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Mon, 11 Dec 2023 07:33:06 GMT
etag: "1da2c0447fbb222"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryk
content-type: font/woff2
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 55074
x-xss-protection: 1; mode=block

GET
H2 200 ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-cash-loan.jpg
fd.if.co.nz/media/1460/ 81 KB
82 KB 875ms
871ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1460/ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-cash-loan.jpg?rxy=0.49666666666666665,0.041666666666666664&width=1600&height=900&rnd=133198221838770000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bf67927350d15d723af79e602df5b9b4da69f3545de6a3a2b7df66801582323b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sun, 03 Sep 2023 09:05:06 GMT
etag: "1d9de45bb420956"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryp
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 83030
x-xss-protection: 1; mode=block

GET
H2 200 ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-car-loan.jpg
fd.if.co.nz/media/1459/ 101 KB
102 KB 851ms
848ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1459/ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-car-loan.jpg?rxy=0.50666666666666671,0.041666666666666664&width=1600&height=900&rnd=133198219146430000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62d2528b16212f611e99c81867788d14f8ed10f561944fd5279326ffeface6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sun, 03 Sep 2023 09:05:06 GMT
etag: "1d9de45bb42d8d4"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryq
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 103892
x-xss-protection: 1; mode=block

GET
H2 200 ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-travel-loan.jpg
fd.if.co.nz/media/1468/ 175 KB
176 KB 859ms
855ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1468/ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-travel-loan.jpg?cc=0.42714488636363634,0,0.17285511363636363,0&width=1600&height=1600&rnd=133198221449230000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ff7084dbfeadc2eb87d6b9e9b93621470674fe71d33ce10330b6e78855080d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sun, 03 Sep 2023 09:05:06 GMT
etag: "1d9de45bb41f029"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryr
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 179497
x-xss-protection: 1; mode=block

GET
H2 200 ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-for-your-home.jpg
fd.if.co.nz/media/1462/ 118 KB
119 KB 874ms
871ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1462/ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-for-your-home.jpg?cc=0.34545454545454546,0,0.25454545454545452,0&width=1600&height=1600&rnd=133198221071500000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cfb649ba3fce05d7a7ce6d5562e5631e4ad156bf97a78d29101fab231b829e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sun, 03 Sep 2023 09:05:06 GMT
etag: "1d9de45bb429460"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rys
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 121184
x-xss-protection: 1; mode=block

GET
H2 200 ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-life-event.jpg
fd.if.co.nz/media/1465/ 128 KB
129 KB 876ms
873ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1465/ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-life-event.jpg?cc=0.42181818181818181,0,0.17818181818181819,0&width=1600&height=1600&rnd=133198225070130000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

302a8f55faaf78f5194dbe12fa65ffab0cc8d3a41489b7803396cb7d70b4991f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sun, 03 Sep 2023 09:05:06 GMT
etag: "1d9de45bb42b3c8"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryt
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 130760
x-xss-protection: 1; mode=block

GET
H2 200 ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-debt-consolidation.jpg
fd.if.co.nz/media/1461/ 190 KB
191 KB 881ms
879ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1461/ifn0193-website-banner-%C3%B4%C3%A7%C3%B4-debt-consolidation.jpg?cc=0.37454545454545457,0,0.22545454545454546,0&width=1600&height=1600&rnd=133198218413230000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b281a23e7cf8ba9ad589f98c64f38e9a5bd9fe8c87ff4b1c11b9717b8caf92a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sun, 03 Sep 2023 09:05:06 GMT
etag: "1d9de45bb41b5ca"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171949Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002ryu
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 194762
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 66ms
65ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L2WR3C13ZV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSN6C3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

275b04c2476c05e67744d8c10a03f036dba0e0ba58cfe3d3937c92867abce312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 17:19:49 GMT

GET
H2 200 hotjar-1720880.js Show response
static.hotjar.com/c/ 9 KB
4 KB 339ms
138ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1720880.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSN6C3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

15a7d5fdbb389529a5de0cc27fa6c1f4eb41d3d8958e4ee620921acff9f9c886

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 17:19:49 GMT
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/37e37f28875c5c262e48b29412a5fe4d
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QmLbERMjEJpBs_vuKynnoK09KBkroaxvq2cLxOQTcIod6KhJ3uscTA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 247ms
56ms Script
text/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSN6C3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 16:01:06 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4723
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Dec 2023 18:01:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/807070401/ 2 KB
2 KB 261ms
63ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/807070401/?random=1703524789512&cv=11&fst=1703524789512&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830696467&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffd.if.co.nz%2F&hn=www.googleadservices.com&frm=0&tiba=Quick%20Personal%20Loan%20NZ%20%7C%20Easy%20Application%20%7C%20Instant%20Finance&auid=1376819265.1703524790&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSN6C3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb1ed692430bca4896045983c987ca2efd4bd59013d23f15def183105939db7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;ua... Show response
10871575.fls.doubleclick.net/ Frame 5CF5
Redirect Chain

https://10871575.fls.doubleclick.net/activityi;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0...
https://10871575.fls.doubleclick.net/activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1...

475 B
616 B

109ms
108ms

Document
text/html

142.251.167.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10871575.fls.doubleclick.net/activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSN6C3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f148.1e100.net

Software

cafe /

Resource Hash

c567a69c2bf2524f54fdcbedb1b9d1f209cc6b6e27175c67d8eb2b3a29d90803

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd.if.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 17:19:49 GMT
expires: Mon, 25 Dec 2023 17:19:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 17:19:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10871575.fls.doubleclick.net/activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 241ms
55ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 17:19:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 4UJTJprQfOAy1gIsQYFfRbB7VNTj/zyfnr91HUabxsMqkCjDuTw7lK/Uq3JIulptguRKKa6Peb55MqdhWax7pw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 114ms
41ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L2WR3C13ZV&gtm=45je3bt0v876241263z8830696467&_p=1703524789180&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=144478672.1703524790&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703524789&sct=1&seg=0&dl=https%3A%2F%2Ffd.if.co.nz%2F&dt=Quick%20Personal%20Loan%20NZ%20%7C%20Easy%20Application%20%7C%20Instant%20Finance&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2759
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2WR3C13ZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fd.if.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 170ms
61ms Ping
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L2WR3C13ZV&cid=144478672.1703524790&gtm=45je3bt0v876241263z8830696467&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2WR3C13ZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fd.if.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/807070401/ 42 B
455 B 167ms
63ms Image
image/gif 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/807070401/?random=1703524789512&cv=11&fst=1703523600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830696467&u_w=1600&u_h=1200&url=https%3A%2F%2Ffd.if.co.nz%2F&frm=0&tiba=Quick%20Personal%20Loan%20NZ%20%7C%20Easy%20Application%20%7C%20Instant%20Finance&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_BdX1u4-mZNVSob93XhUunZQHNjP7tg&random=56953321&rmt_tld=0&ipr=y

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 59ms
58ms XHR
text/plain 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1015683857&t=pageview&_s=1&dl=https%3A%2F%2Ffd.if.co.nz%2F&ul=en-us&de=UTF-8&dt=Quick%20Personal%20Loan%20NZ%20%7C%20Easy%20Application%20%7C%20Instant%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=467981743&gjid=1771694749&cid=144478672.1703524790&tid=UA-5254540-1&_gid=2127640644.1703524790&_r=1&_slc=1&gtm=45He3bt0n81MSN6C3Nv830696467&gcd=11l1l1l1l1&dma=0&z=664495278

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.if.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fd.if.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.618aa075c4d9b6424e07.js Show response
script.hotjar.com/ 220 KB
55 KB 174ms
62ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1720880.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 371383
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55689
last-modified: Thu, 21 Dec 2023 10:09:33 GMT
etag: "6ed2c6300d63320c76677ced187741fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1mWFHbeuPh1kVwGkbcOcL-20L-UcAqRmmao9odfQjJxI8c-idhMWYA==

GET
H2 200 307521939778034 Show response
connect.facebook.net/signals/config/ 118 KB
31 KB 121ms
120ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/307521939778034?v=2.9.138&r=stable&domain=fd.if.co.nz

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8650ac3bcec625a96e8e88f5c40cecea564dbbaa7e3acf5fd5712acd35d5119d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 17:19:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hgXcE3vm+Xo3sBLV2Aur4GW4jMa8JqKG6fT+TXU5GOg+w03enBHp78amUIDzL+i0MAMRuOI8SwgojL6ygJZ7GQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 59ms
59ms XHR
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5254540-1&cid=144478672.1703524790&jid=467981743&gjid=1771694749&_gid=2127640644.1703524790&_u=YADAAEAAAAAAACAAI~&z=629771440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.if.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 25 Dec 2023 17:19:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fd.if.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 62ms
62ms Image
image/gif 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5254540-1&cid=144478672.1703524790&jid=467981743&_u=YADAAEAAAAAAACAAI~&z=1649033308

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=*;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o...
adservice.google.com/ddm/fls/z/ Frame 5CF5 42 B
401 B 183ms
78ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=*;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F

Requested by

Host: 10871575.fls.doubleclick.net
URL: https://10871575.fls.doubleclick.net/activityi;dc_pre=CJXj26-Mq4MDFWkGTwgd-W4MHQ;src=10871575;type=remar0;cat=remar0;ord=3836042688406;auiddc=1376819265.1703524790;gtm=45He3bt0v830696467;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffd.if.co.nz%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://10871575.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 17:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 164ms
54ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=307521939778034&ev=PageView&dl=https%3A%2F%2Ffd.if.co.nz&rl=&if=false&ts=1703524790055&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.2.1703524790052.90849618&pm=1&hrl=804b23&ler=empty&it=1703524789905&coo=false&cs_cc=1&cas=3083729748351322%2C2756156994511156%2C2073270446134089&rqm=GET

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Dec 2023 17:19:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gettyimages-1392974754.jpg
fd.if.co.nz/media/1395/ 779 KB
780 KB 261ms
261ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.if.co.nz/media/1395/gettyimages-1392974754.jpg?width=1920&height=768&rnd=133020288932200000

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6165d5fefeba89eb23554b5985aea7fc427cd8ecf8f39deb0e015679926298cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Sat, 02 Sep 2023 21:58:44 GMT
etag: "1d9dde8a42e6880"
x-frame-options: SAMEORIGIN
x-azure-ref: 20231225T171950Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rzt
content-type: image/jpeg
x-cache: CONFIG_NOCACHE
cache-control: public, max-age=604800, immutable
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
accept-ranges: bytes
content-length: 797312
x-xss-protection: 1; mode=block

GET
H2 200 695.chunk-515315.js Show response
fd.if.co.nz/Content/scripts/dist/ 181 KB
80 KB 277ms
276ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/Content/scripts/dist/695.chunk-515315.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/content/scripts/dist/all.bundle.23-12-11T20-35-28.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f01aa1c94013e482c77576faeed5d45847b3284c5f1572553e6b116a73957c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 11 Dec 2023 07:35:28 GMT
referrer-policy: strict-origin
etag: "1da2c049c9c32c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-azure-ref: 20231225T171950Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rzu
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 270.chunk-515315.js Show response
fd.if.co.nz/Content/scripts/dist/ 38 KB
11 KB 279ms
278ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/Content/scripts/dist/270.chunk-515315.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/content/scripts/dist/all.bundle.23-12-11T20-35-28.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ec43ad36f501072bd3cdeb7a41c17620339a40f0dea1e204986507c24947a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 11 Dec 2023 07:35:28 GMT
referrer-policy: strict-origin
etag: "1da2c049c9e771e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-azure-ref: 20231225T171950Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rzv
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 LoanCalc.chunk-515315.js Show response
fd.if.co.nz/Content/scripts/dist/ 4 KB
3 KB 277ms
276ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/Content/scripts/dist/LoanCalc.chunk-515315.js

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/content/scripts/dist/all.bundle.23-12-11T20-35-28.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7235cc632f8ead43582c349ddf88ec3a8a9e4ce20c544a799ce7dee0e1b3ff12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 11 Dec 2023 07:35:28 GMT
referrer-policy: strict-origin
etag: "1da2c049c9ef17a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-azure-ref: 20231225T171950Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rzw
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

GET
H2 200 config Show response
fd.if.co.nz/api/loan-calculator/ 1 KB
1 KB 240ms
239ms Fetch
application/json 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.if.co.nz/api/loan-calculator/config

Requested by

Host: fd.if.co.nz
URL: https://fd.if.co.nz/Content/scripts/dist/LoanCalc.chunk-515315.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a2685496093524aa00b3b787c36cbdd45616d24c403a986b05adb4c3a49c7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd.if.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-azure-ref: 20231225T171951Z-g3xzcax93x69x8qgw8g4enq6tw00000000q0000000002rzz
x-cache: CONFIG_NOCACHE
permissions-policy: fullscreen=(self "https://*.youtube.com"), geolocation=(self)
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fd.if.co.nz/	1970-01-21 01:59:07	Name: _vwo_uuid_v2 Value: D922C53EA39422E2EB65685C5B65DB0B5\|0320b594cce15ea846de1caf8b466b4b
.if.co.nz/	1970-01-21 02:48:04	Name: _vwo_uuid Value: D922C53EA39422E2EB65685C5B65DB0B5
.if.co.nz/	1970-01-20 19:21:40	Name: _vwo_ds Value: 3%241703524788%3A49.92281705%3A%3A
.if.co.nz/	1970-01-20 17:12:06	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.if.co.nz/	1970-01-20 19:36:04	Name: _vis_opt_s Value: 1%7C
.if.co.nz/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.if.co.nz/	1970-01-20 19:21:40	Name: _gcl_au Value: 1.1.1376819265.1703524790
.if.co.nz/	1970-01-21 02:48:04	Name: _ga_L2WR3C13ZV Value: GS1.1.1703524789.1.0.1703524789.60.0.0
.if.co.nz/	1970-01-21 02:48:04	Name: _ga Value: GA1.3.144478672.1703524790
.if.co.nz/	1970-01-20 17:13:31	Name: _gid Value: GA1.3.2127640644.1703524790
.if.co.nz/	1970-01-20 17:12:04	Name: _gat_UA-5254540-1 Value: 1
.doubleclick.net/	1970-01-21 02:48:04	Name: IDE Value: AHWqTUmeh6gsOxFC3WTchIXolW_nRymMyyZsUwaoz4sp01TSyHmEWiFdNIFP7wusq1A
.if.co.nz/	1970-01-20 19:21:40	Name: _fbp Value: fb.2.1703524790052.90849618
.if.co.nz/	1970-01-20 17:12:06	Name: _hjFirstSeen Value: 1
.if.co.nz/	1970-01-20 17:12:06	Name: _hjIncludedInSessionSample_1720880 Value: 1
.if.co.nz/	1970-01-20 17:12:06	Name: _hjSession_1720880 Value: eyJpZCI6IjAxMzUxYTU1LTUzNzktNDNhMy1hNzZiLTA1YTE4Y2Q1NWNjZSIsImMiOjE3MDM1MjQ3OTA2OTUsInMiOjEsInIiOjAsInNiIjoxfQ==
.if.co.nz/	1970-01-21 01:57:40	Name: _hjSessionUser_1720880 Value: eyJpZCI6IjNkZjA0YTE0LTE5MGItNWIzYS05ZDYzLTNiMWMyZDZmOTFhMyIsImNyZWF0ZWQiOjE3MDM1MjQ3OTA2OTMsImV4aXN0aW5nIjp0cnVlfQ==
.if.co.nz/	1970-01-20 17:12:06	Name: _hjAbsoluteSessionInProgress Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fd.if.co.nz/(Line 43) Message: <link rel=preload> has an unsupported `type` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10871575.fls.doubleclick.net
adservice.google.com
analytics.google.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
fd.if.co.nz
googleads.g.doubleclick.net
p.typekit.net
script.hotjar.com
static.hotjar.com
staticcdn.co.nz
stats.g.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.106.49
142.251.167.148
18.160.46.2
18.164.96.46
2001:4860:4802:36::181
2600:1408:c400:29::17da:da44
2600:1408:c400:29::17da:da4f
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c08::67
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::61
2607:f8b0:4004:c1d::9d
2620:1ec:bdf::40
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.96.102.137
04c71e9d41edc7c77cd4301c53f9b080ef69dc4db835e724a1600b8c7dc95592
08286369285903ae7152ea5d68d6adf119171b8752937a4519b248fe4fb7f630
0981b75093a4751d0c2221c43904ee84d6d20e4a25c36ea061890d1c6239f850
13d2d8da6cbb8ac9aef2f3ab57a9f993fd95674144d6e7bcba209bb4aeab12a9
15a7d5fdbb389529a5de0cc27fa6c1f4eb41d3d8958e4ee620921acff9f9c886
1a168f03ce61d791b9cc9df7bb9b036c504ade3256c144939ea0b70649fe385a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
221a508f0feac12e9d65d7a9c8be9f7ec936f7b554da0361671c74cf295fd2c5
275b04c2476c05e67744d8c10a03f036dba0e0ba58cfe3d3937c92867abce312
29a5d77c58c366a13e803b209394c63e4041fc35c6ef1ae4a0c4023703167bb7
2ec43ad36f501072bd3cdeb7a41c17620339a40f0dea1e204986507c24947a2b
2ff7084dbfeadc2eb87d6b9e9b93621470674fe71d33ce10330b6e78855080d6
302a8f55faaf78f5194dbe12fa65ffab0cc8d3a41489b7803396cb7d70b4991f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
420872c93dc6440530bba136272900520dc45fc6e2032559ebe48f856aee8628
4589441ac97df1033c946f3403b0199cfb05e8ba3e406e21013d1af6965dd06a
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
584c4b733924cf596c2bd739e1e7cadba7268aa869e72f2f2652ea6601f49600
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6165d5fefeba89eb23554b5985aea7fc427cd8ecf8f39deb0e015679926298cf
62d2528b16212f611e99c81867788d14f8ed10f561944fd5279326ffeface6f8
62da310492340d4a48ce978270353832added78ea81b6a1862d69f39a3cec4a8
6a8996a4866b94877454218ae2202c8d1ac982a1a7d4870b07820d1b88fd576a
720926a58a0091c5684da2ca7e606012de8903125c74632a75fba2b1aa11b9df
7235cc632f8ead43582c349ddf88ec3a8a9e4ce20c544a799ce7dee0e1b3ff12
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8650ac3bcec625a96e8e88f5c40cecea564dbbaa7e3acf5fd5712acd35d5119d
8735924912e8621afb450b705b6c645e1b2630b720ceaba2f8d6bb74b57e43ba
8a2685496093524aa00b3b787c36cbdd45616d24c403a986b05adb4c3a49c7ac
a015caf241ecbc79a7045deed7a496a1205e503c263fabd1572e6c95d68efe9c
a1cd0d3fa24e9eee450eb7ffea3bf5351fd0e6e0cc69929cc5720265880cc387
ae63c584e46330bfe0e3e5915344fb37d490c33024ca077b769855f472a63a6a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05cd0e05fcf4685ff941d59d013574b25e8c253f823631bc0d5c81c1661d649
b281a23e7cf8ba9ad589f98c64f38e9a5bd9fe8c87ff4b1c11b9717b8caf92a8
b3d5a5578799af41b338a200e4b76f0c6cd047c919948bc32c7c4b5ae2b9f5b1
bf67927350d15d723af79e602df5b9b4da69f3545de6a3a2b7df66801582323b
c567a69c2bf2524f54fdcbedb1b9d1f209cc6b6e27175c67d8eb2b3a29d90803
cfb649ba3fce05d7a7ce6d5562e5631e4ad156bf97a78d29101fab231b829e83
d74aef1674d9906e8d90fd44c7af7be15633379011906f363ee1825fc42ac10c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e70d2744a15f31b83ea9180ee772648dc1902ccac213c1226add4e86fd0d3a
e2a10f0f3c6da9927d3cf98ce056c68d79ffab5e619940f078b481819f259723
e2b6056b23929f272e2e098c23a80f3e601fbfb904d1335a8fb12e2cb5050575
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96f2b2cde976e741236c5358aafbc25b3527eeb73431521da778414fabdc2d4
eb1ed692430bca4896045983c987ca2efd4bd59013d23f15def183105939db7b
ee9610e5f1bce564dd41391b637f078a3482838e05df579873bcb80ae1bf43ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01aa1c94013e482c77576faeed5d45847b3284c5f1572553e6b116a73957c08
fb73c191adda694a2c81ed342ddd05364fb009a7b39b5d4ca1b1d36d79cb5dcf

fd.if.co.nz Open in urlscan Pro 2620:1ec:bdf::40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

71 %IPv6

11 Domains

17 Subdomains

18 IPs

1 Countries

3839 kBTransfer

5480 kBSize

18 Cookies

6 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fd.if.co.nz Open in urlscan Pro
2620:1ec:bdf::40 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

71 %
IPv6

11
Domains

17
Subdomains

18
IPs

1
Countries

3839 kB
Transfer

5480 kB
Size

18
Cookies

56 HTTP transactions
0 data transactions