urlscan.io logo urlscan.io
SecurityTrails logo

www.ird.govt.nz Open in urlscan Pro
185.71.230.125  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://services.ird.govt.nz-portal.digiman.co.za/
Effective URL: https://www.ird.govt.nz/
Submission: On March 08 via manual from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 6 countries across 11 domains to perform 64 HTTP transactions. The main IP is 185.71.230.125, located in Auckland, New Zealand and belongs to REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ. The main domain is www.ird.govt.nz.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 10th 2020. Valid for: a year.
This is the only time www.ird.govt.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 41.185.8.146 36943 (ZA-1-Grid)
37 185.71.230.125 134433 (REDSHIELD...)
4 13.32.21.127 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.66.99.212 16509 (AMAZON-02)
1 104.17.209.240 13335 (CLOUDFLAR...)
64 12
1    41.185.8.146 (South Africa)

ASN36943 (ZA-1-Grid, ZA)
PTR: srv46.hostserv.co.za
services.ird.govt.nz-portal.digiman.co.za
37    185.71.230.125 (Auckland, New Zealand)

ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ)
www.ird.govt.nz
4    13.32.21.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-127.fra56.r.cloudfront.net
static.cloud.coveo.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
4    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
4    54.66.99.212 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-99-212.ap-southeast-2.compute.amazonaws.com
platform-au.cloud.coveo.com
1    104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn2fvnsnu56qlnv3l-inlandrevenue.siteintercept.qualtrics.com
Domain Requested by
37 www.ird.govt.nz www.ird.govt.nz
6 use.typekit.net www.ird.govt.nz
4 platform-au.cloud.coveo.com static.cloud.coveo.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 static.cloud.coveo.com www.ird.govt.nz
static.cloud.coveo.com
3 www.googletagmanager.com www.ird.govt.nz
www.googletagmanager.com
1 zn2fvnsnu56qlnv3l-inlandrevenue.siteintercept.qualtrics.com www.ird.govt.nz
1 ssl.google-analytics.com www.ird.govt.nz
1 www.google.com www.ird.govt.nz
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com static.cloud.coveo.com
1 services.ird.govt.nz-portal.digiman.co.za 1 redirects
0 www.google.de Failed www.ird.govt.nz
64 13
Subject Issuer Validity Valid
myir.ird.govt.nz
DigiCert SHA2 Extended Validation Server CA		 2020-03-10 -
2021-05-05		 a year crt.sh
*.cloud.coveo.com
Go Daddy Secure Certificate Authority - G2		 2019-08-06 -
2021-08-06		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.ird.govt.nz/
Frame ID: F94AA7041862195F6378222F2A445E9D
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://services.ird.govt.nz-portal.digiman.co.za/ HTTP 302
    https://www.ird.govt.nz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /lazy(?:\.browser)?(?:\.min)?\.js/i

Page Statistics

64
Requests

98 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

6
Countries

5839 kB
Transfer

9111 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://services.ird.govt.nz-portal.digiman.co.za/ HTTP 302
    https://www.ird.govt.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.ird.govt.nz/
Redirect Chain
  • https://services.ird.govt.nz-portal.digiman.co.za/
  • https://www.ird.govt.nz/
91 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
7b29b50a7fabb77e9ab40f7d6e7f8a23e76c022528009f786f8692bf0d03bba2
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
www.ird.govt.nz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Length
18156
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
sxa_site=ir_cd; path=/; secure TS01bb2522=0117e34adec22348c6cc36abad4146f0da6843f3df3ec32960710ab433cf9c1642b7c192422f962c78217fab3a4cc493a530e49707; Path=/; Secure; HTTPOnly
X-UA-Compatible
IE=Edge
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
Date
Mon, 08 Mar 2021 23:03:30 GMT

Redirect headers

Date
Mon, 08 Mar 2021 23:03:28 GMT
Server
Apache
X-Powered-By
PHP/7.1.33
Location
https://www.ird.govt.nz
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
optimized-min.css
www.ird.govt.nz/-/media/feature/experience-accelerator/bootstrap/bootstrap/styles/ 		118 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/feature/experience-accelerator/bootstrap/bootstrap/styles/optimized-min.css?t=20180824T025055Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
50db9aabf015efab98add144b7028f893da4cebb8e170c0914fb3a76d0e94dd4
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2249
Content-Disposition
inline; filename="optimized-min.css"
Connection
Keep-Alive
Content-Length
27883
ETag
53628727574a471ba1eec6c6f52353d1
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 24 Aug 2018 02:50:57 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:31 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:02 GMT
optimized-min.css
www.ird.govt.nz/-/media/base-themes/core-libraries/styles/ 		132 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/core-libraries/styles/optimized-min.css?t=20180824T025103Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2252
Content-Disposition
inline; filename="optimized-min.css"
Connection
Keep-Alive
Content-Length
30442
ETag
cee956b1a31e458db19907dddd3cf057
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 24 Aug 2018 02:51:03 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:31 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:25:59 GMT
optimized-min.css
www.ird.govt.nz/-/media/base-themes/main-theme/styles/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/main-theme/styles/optimized-min.css?t=20190329T032457Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
a5a3c30f186f949a0e014dd8bc0fd8df51b1c388f1783969b393923ede1a8907
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2251
Content-Disposition
inline; filename="optimized-min.css"
Connection
Keep-Alive
Content-Length
1607
ETag
75a089715ba54129b30c4f1475c8adac
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 29 Mar 2019 03:24:57 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:31 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:01 GMT
optimized-min.css
www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
c4d140ff3cc7bda3fa39f2fc0897c95bd1e140e44932cb42ccfebe9fedb101ef
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2252
Content-Disposition
inline; filename="optimized-min.css"
Connection
Keep-Alive
Content-Length
2072
ETag
e611893c00364745af00491f1dfd4ae7
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 09 Dec 2020 06:30:05 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:31 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:25:59 GMT
CoveoFullSearch.min.css
static.cloud.coveo.com/searchui/v2.9159/css/ 		389 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.cloud.coveo.com/searchui/v2.9159/css/CoveoFullSearch.min.css
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0de04115740efacd14bfc532aea885f908e87b74e9aede87fe7911b0e99495ae

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
J8BILPWG9tSIAwsZ0Tmni3VATYUdDqWq
content-encoding
gzip
etag
W/"8a0326349e0ba09ef2306d59c28fe574"
age
67304
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jul 2020 19:03:32 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 04:21:48 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
rDgSrJyr-iR5iQ6yk9BMr8Dpnc9juoJYYBMfBIuFej7sgSaq99OPPA==
main.css
www.ird.govt.nz/assets/home/css/ 		573 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/assets/home/css/main.css?v=146.12.0.989-v2&cms=145-5
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
5f0da0f67adb3e7ccf50ceb8dd57d5f81bc226ca4befb7c7234bd37a1bbe3a5c
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
160
Connection
Keep-Alive
Content-Length
132272
ETag
"09ac6da199d71:0"
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 22 Feb 2021 12:54:28 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:31 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
CoveoJsSearch.Lazy.min.js
static.cloud.coveo.com/searchui/v2.9159/js/ 		725 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0451aa5fab1b63f58a03c1435e3ae0a73c57c6b3ef584af002c82f8d89050af0

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0nuJAf6pQeVrN_uX0GS52cbIPaRVtl01
content-encoding
gzip
etag
W/"05389e00c450b8ea88d529099215206b"
age
26001
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jul 2020 19:03:04 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 15:51:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
zkEmmVsgKg8K4HlSHcXDRVeI1x_qpEA1HJ3w3kaw8b4yndmP4gXSbQ==
logo-landscape.svg
www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/logo-landscape.svg?la=en&hash=B1C4664A92B15C4D673718A969E620EC
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
a55757951ab193b5fd7c6877bed484e1ddbfac39546180f2d2ed62255c831d79
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2220
Content-Disposition
inline; filename="logo-landscape.svg"
Connection
Keep-Alive
Content-Length
8232
ETag
7215835cb3974ace982d79be631269f5
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 11 Mar 2019 05:15:58 GMT
Date
Mon, 08 Mar 2021 23:03:33 GMT
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:33 GMT
logo-landscape-black.png
www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/logo-landscape-black.png
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
9c3ee2a2f67bf5321b0ec2b11d2a08f6f3f8f9b5e38931be2d420bca2dac46aa
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2250
Content-Disposition
inline; filename="logo-landscape-black.png"
Connection
Keep-Alive
Content-Length
8622
ETag
79a3d007c9ea4a5592b8041bdddd14fe
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 17 Apr 2019 03:15:10 GMT
Date
Mon, 08 Mar 2021 23:03:34 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 00:10:37 GMT
home.svg
www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/ 		704 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/home.svg
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
0f6b7b91f17e0901025656e4efff2399ad711a4ad99deab3629d6c363c345425
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2092
Content-Disposition
inline; filename="home.svg"
Connection
Keep-Alive
Content-Length
704
ETag
606d67ea96ac497c86be7f5103f29700
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 24 Jun 2019 10:05:20 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:33 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=604799
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Sat, 13 Mar 2021 00:03:09 GMT
logo-footer.png
www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/images/logo-footer.png
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
2663b25bd4a7cfc13adaf8a863bc0f7d9ef20c5362022e59f356a88ebf72a721
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2147
Content-Disposition
inline; filename="logo-footer.png"
Connection
Keep-Alive
Content-Length
2898
ETag
b32a90e03df54637b42daf403eb260c7
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 13 May 2020 08:44:25 GMT
Date
Mon, 08 Mar 2021 23:03:34 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Thu, 11 Mar 2021 08:17:56 GMT
159FFC25CCE948D28681317A8F1700FA.ashx
www.ird.govt.nz/-/media/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/159FFC25CCE948D28681317A8F1700FA.ashx
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
e3bc814c2ff563a9cdfcc8647f01b8b6de252bf3d0b0ab82d6fc24a78116d01b
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
1953
Content-Disposition
inline; filename="truck-pictogram.png"
Connection
Keep-Alive
Content-Length
10072
ETag
ff6abc55bf1641868f36a626d33a7e93
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 18 Mar 2019 06:25:12 GMT
Date
Mon, 08 Mar 2021 23:03:34 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Thu, 11 Mar 2021 10:29:27 GMT
homepage-banner-background.jpg
www.ird.govt.nz/-/media/project/ir/home/graphics/banners/homepage/ 		354 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/home/graphics/banners/homepage/homepage-banner-background.jpg?h=576&w=1900&la=en&hash=CC47A1C6768DC63487F087FE4FCAC436
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
fb13fa99dcd8d521b12b3996c7d89c7282416baff7669f4a4f4d6de5409202a1
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
1916
Content-Disposition
inline; filename="Homepage banner background.jpg"
Connection
Keep-Alive
Content-Length
362706
ETag
9d8afc4d2c504b33a3e8f863a86186f5
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 29 Jan 2021 01:08:14 GMT
Date
Mon, 08 Mar 2021 23:03:34 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:31:40 GMT
css
fonts.googleapis.com/ 		2 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/css/CoveoFullSearch.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://static.cloud.coveo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 21:25:00 GMT
server
ESF
date
Mon, 08 Mar 2021 23:03:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Mar 2021 23:03:31 GMT
picto-myir.svg
www.ird.govt.nz/-/media/project/ir/common-images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/common-images/picto-myir.svg?la=en&hash=6F6611BB623D877FFE9382A8B5415532
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
bc99c93c4bf64baa160338d28cfb2affd4bd37498ec0d52232016e7cdc51fc64
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
1796
Content-Disposition
inline; filename="picto-myIR.svg"
Connection
Keep-Alive
Content-Length
2147
ETag
dc4989f445c4441387716e98c3244f32
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 04 Mar 2019 00:22:53 GMT
Date
Mon, 08 Mar 2021 23:03:34 GMT
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:33:38 GMT
icon-facebook.svg
www.ird.govt.nz/-/media/project/ir/icons/link-icons/ 		398 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/icons/link-icons/icon-facebook.svg?la=en&hash=C6E19A5E8D5F4E3E1B0EAA89198F5373
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
d9a0280f3e63a156286761fbd850d4608747cc4824fe614af52ddc7a2856eae3
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
1698
Content-Disposition
inline; filename="icon-facebook.svg"
Connection
Keep-Alive
Content-Length
398
ETag
7d9510d310ca46a18161c58007d97ac0
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Thu, 23 May 2019 02:11:04 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:35:17 GMT
icon-linkedin.svg
www.ird.govt.nz/-/media/project/ir/icons/link-icons/ 		542 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/icons/link-icons/icon-linkedin.svg?la=en&hash=AC247E9E687512DC5F1DD6DB7C58144F
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
9501a7edd6ad33bfa57e53bb196bcc911e92fd2e09a59ec19265485ef04ad6b2
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2077
Content-Disposition
inline; filename="icon-linkedin.svg"
Connection
Keep-Alive
Content-Length
542
ETag
39110de9b494444499cf2986717c7f5a
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Thu, 23 May 2019 02:12:24 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:28:57 GMT
icon-twitter.svg
www.ird.govt.nz/-/media/project/ir/icons/link-icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/icons/link-icons/icon-twitter.svg?la=en&hash=5D9C3EF3C0E2912357D812E53073DD24
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
b38e79ee40590865f74bee19f18eebca81e5dc7f8c1b7ddc68965512fa391389
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2254
Content-Disposition
inline; filename="icon-twitter.svg"
Connection
Keep-Alive
Content-Length
1035
ETag
8d39b2e536b04670910e6e67d7f524e5
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Thu, 23 May 2019 02:11:36 GMT
Date
Mon, 08 Mar 2021 23:03:35 GMT
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:01 GMT
icon-youtube.svg
www.ird.govt.nz/-/media/project/ir/icons/link-icons/ 		714 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/icons/link-icons/icon-youtube.svg?la=en&hash=57B4E0AA1F693110C585732092DE0CD8
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
3854ce70ade7bc497587dce9c441d4eb737135830c10ca4be69429be4a95b46f
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2079
Content-Disposition
inline; filename="icon-youtube.svg"
Connection
Keep-Alive
Content-Length
714
ETag
a1510cf21bf24d2cb53be77951f98016
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Thu, 23 May 2019 02:13:05 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:35 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:28:56 GMT
017cc89bcfe346a983c5b66edf764e43.ashx
www.ird.govt.nz/-/media/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/017cc89bcfe346a983c5b66edf764e43.ashx
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
0bc0242755a4e1ea23258fec415c83688b4d5d146895b681aba1c23a42c17dfd
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2037
Content-Disposition
inline; filename="shielded.png"
Connection
Keep-Alive
Content-Length
9282
ETag
8925271536714871b4382169b0f113ff
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 11 Mar 2019 05:15:57 GMT
Date
Mon, 08 Mar 2021 23:03:35 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Sat, 13 Mar 2021 20:38:38 GMT
f83329300e664c67aec59042a088e574.ashx
www.ird.govt.nz/-/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/f83329300e664c67aec59042a088e574.ashx
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
2663b25bd4a7cfc13adaf8a863bc0f7d9ef20c5362022e59f356a88ebf72a721
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
1924
Content-Disposition
inline; filename="logo-footer.png"
Connection
Keep-Alive
Content-Length
2898
ETag
b32a90e03df54637b42daf403eb260c7
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 13 May 2020 08:44:25 GMT
Date
Mon, 08 Mar 2021 23:03:35 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Sun, 14 Mar 2021 00:08:32 GMT
9665a3f74eb249de9d4cc8088b549fd6
www.ird.govt.nz/-/media/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/9665a3f74eb249de9d4cc8088b549fd6
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
09b8c37159ca6dfe96332c090762bf3b44a01b39e414699a951c04e668ec44c8
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2037
Content-Disposition
inline; filename="logo-nzgovt.png"
Connection
Keep-Alive
Content-Length
7172
ETag
cfec407c8a974d3eb9ca2d97469445a8
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 06 Mar 2019 20:31:27 GMT
Date
Mon, 08 Mar 2021 23:03:35 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Thu, 11 Mar 2021 08:17:56 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/core-libraries/scripts/ 		1 MB
400 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/core-libraries/scripts/optimized-min.js?t=20190329T032456Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
7ceb0ffa75cfb8cdf425576db4e3e7e5ff7ebb2a615d22fac7b465447106b99a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2253
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
408246
ETag
d3c2a2403ad34f768561182b7e0de2bd
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 29 Mar 2019 03:24:56 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:32 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:00 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/xa-api/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/xa-api/scripts/optimized-min.js?t=20190329T032456Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
78f98b419478600e64573978f893e0a51b1d9f510cdac0e218fd0d6e994b6cfd
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2252
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
870
ETag
92c70b6a37e243ce9f1bd441fb851f17
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 29 Mar 2019 03:24:56 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:33 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:01 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/main-theme/scripts/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/main-theme/scripts/optimized-min.js?t=20190329T032457Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
39ba06c41e0986286333f77a997cfc5132b078474e9f327a157be05a10264bc8
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2252
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
4658
ETag
142ebf3c1e95447aa9ccfcddd54be4b7
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 29 Mar 2019 03:24:57 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:33 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:01 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/google-maps-js-connector/scripts/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/google-maps-js-connector/scripts/optimized-min.js?t=20190322T025851Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
5057648443a7ab2444e0e97ed3dfb0765b85fde3b69f828b9d12faac8b5fdc80
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2253
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
2297
ETag
a5facc5ea337401ab6e795c9638c5cae
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 22 Mar 2019 02:58:51 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:33 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:00 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/maps/scripts/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/maps/scripts/optimized-min.js?t=20190322T025851Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
d96972e84f8b03eca88d2af8f9eb4ce69446f86c03af03bf7fb109dd9847896c
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2253
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
3527
ETag
4ced5fb34d2b4908a57c8ea837ba6c4a
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 22 Mar 2019 02:58:52 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:33 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:00 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/searchtheme/scripts/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/searchtheme/scripts/optimized-min.js?t=20190624T101507Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
5eb695d5e238f06d9552d57c9613ca7810eb2ce0e6aff8c99ac83b2fd8e2f58a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2290
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
22829
ETag
96cd70e58b574a21afd9bf3d80f5cb7d
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 24 Jun 2019 10:15:07 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:33 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:25:24 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/resolve-conflicts/scripts/ 		19 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/resolve-conflicts/scripts/optimized-min.js?t=20190329T032457Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2291
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
137
ETag
e24d9a29f138487895d8cd21bdadc213
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Fri, 29 Mar 2019 03:24:58 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:25:23 GMT
optimized-min.js
www.ird.govt.nz/-/media/base-themes/components-theme/scripts/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/base-themes/components-theme/scripts/optimized-min.js?t=20190404T204140Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
7553f87d65bab10cd8ee295ebe78f09a60e879c4a24a083a3f868676f1a46092
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2213
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
18246
ETag
529ddd67f9d746d09bccbf7d787de73c
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Thu, 04 Apr 2019 20:41:40 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:26:42 GMT
optimized-min.js
www.ird.govt.nz/-/media/themes/ir/home/ir-theme/scripts/ 		152 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/scripts/optimized-min.js?t=20201209T063003Z
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
7ac6a49c25ac359904103660a75c3b1048f271ec4baf67b93a9c796d6889d382
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2148
Content-Disposition
inline; filename="optimized-min.js"
Connection
Keep-Alive
Content-Length
66060
ETag
b3f1a7684e8a4de38ca4855457b25d7f
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 09 Dec 2020 06:30:04 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Mon, 15 Mar 2021 22:27:51 GMT
main.js
www.ird.govt.nz/assets/home/js/ 		231 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/assets/home/js/main.js?v=146.12.0.989-v2&cms=145-5
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
889520bc2573bafa85fe6c2349432f801c6b5404ea5ca40224a5d7f87cecf054
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
221
Connection
Keep-Alive
Content-Length
93359
ETag
"0250e4199d71:0"
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 22 Feb 2021 12:54:44 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
react.js
www.ird.govt.nz/assets/home/js/ 		266 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/assets/home/js/react.js?v=146.12.0.989-v2&cms=145-5
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
906d95ef892054452a6bb22201cde4c24a7ffce4de462949a6e7a3d3ca945a70
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
220
Connection
Keep-Alive
Content-Length
82644
ETag
"0250e4199d71:0"
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 22 Feb 2021 12:54:44 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
coveo.js
www.ird.govt.nz/assets/home/js/ 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/assets/home/js/coveo.js?v=146.12.0.989-v2&cms=145-5
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
9e08f029388b6abcb1b107b3eb70dedd2ea64e9216356bdc1ff2770b1beef6c9
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
172
Connection
Keep-Alive
Content-Length
9825
ETag
"0250e4199d71:0"
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Mon, 22 Feb 2021 12:54:44 GMT
X-Frame-Options
DENY
Date
Mon, 08 Mar 2021 23:03:34 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		178 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58F6MRW
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cef8606a897074fe5371276570a80b5ab58eb25c67def14072c1acf7a19f6621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48779
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 21:36:51 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Mar 2021 23:03:33 GMT
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
server
nginx
etag
"79fea02668402fc378c129193093131a2db2577c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33568
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
server
nginx
etag
"b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
34344
fa-regular-400-woff2.woff2
www.ird.govt.nz/assets/home/webfonts/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/assets/home/webfonts/fa-regular-400-woff2.woff2
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/assets/home/css/main.css?v=146.12.0.989-v2&cms=145-5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
362ef9065042d20e50792140612bb1355767231edab879960549b2f94768380a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/assets/home/css/main.css?v=146.12.0.989-v2&cms=145-5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 22 Feb 2021 12:51:32 GMT
Age
2208
ETag
"022df71199d71:0"
X-Frame-Options
DENY
Content-Type
application/font-woff2
Cache-Control
public,max-age=604800
Date
Mon, 08 Mar 2021 23:03:33 GMT
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
127904
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
fa-light-300-woff2.woff2
www.ird.govt.nz/assets/home/webfonts/ 		134 KB
135 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ird.govt.nz/assets/home/webfonts/fa-light-300-woff2.woff2
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/assets/home/css/main.css?v=146.12.0.989-v2&cms=145-5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
f79bd57ebc600cd520774bbb58c446c5ae6a8cab74c86c378652e3aa4d4ffc1e
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/assets/home/css/main.css?v=146.12.0.989-v2&cms=145-5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 22 Feb 2021 12:51:32 GMT
Age
2208
ETag
"022df71199d71:0"
X-Frame-Options
DENY
Content-Type
application/font-woff2
Cache-Control
public,max-age=604800
Date
Mon, 08 Mar 2021 23:03:33 GMT
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
136724
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e08069362721d144d84f24395fd827901ad1eb93254333b4090971e4bad7a4a6

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
server
nginx
etag
"fa333b49edecc210478c16168adee736b2ad6c1f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33280
l
use.typekit.net/af/3cc9c3/00000000000000003b9aedf0/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3cc9c3/00000000000000003b9aedf0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d4b1c7eaeb81a154ddde2b3838dcf90d30a4a23c6f42ea0887cdd98e43fa9a91

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
server
nginx
etag
"a737e726cb8674e22d476cfa137678b498fa6fea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
19980
l
use.typekit.net/af/e998e3/00000000000000003b9aedf1/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e998e3/00000000000000003b9aedf1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
534b1e3753d5b29219a61b1e2e4eff2b5dce7eaa0c6964ac0c015bc3e5a36ef7

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
server
nginx
etag
"25c84fa025104b090084ae7e680cb3874f03f46f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18476
l
use.typekit.net/af/0b89c7/00000000000000003b9aeded/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/0b89c7/00000000000000003b9aeded/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/themes/ir/home/ir-theme/styles/optimized-min.css?t=20201209T063004Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
237f63244df9252bc2df1c1efd7ca7f37b161f28a5336870a703058c91822b4c

Request headers

Origin
https://www.ird.govt.nz
Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
server
nginx
etag
"e8917d996e217d3022663b8ac21870a147f02e1f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
19544
js
www.googletagmanager.com/gtag/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M92SHK1114&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58F6MRW
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30ca0cf551f847693016ad4791f4a5b42711d815807e6f9450aa7bfbd1ec7852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53726
x-xss-protection
0
expires
Mon, 08 Mar 2021 23:03:33 GMT
js
www.googletagmanager.com/gtag/ 		134 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BZ87Q5B94Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58F6MRW
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce02933ac97b5e3cc08cad0e0a860a1e3dbabe78d6854d0a25777a55b5de9d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52725
x-xss-protection
0
expires
Mon, 08 Mar 2021 23:03:33 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58F6MRW
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3657
date
Mon, 08 Mar 2021 22:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 09 Mar 2021 00:02:36 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1704042359&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ird.govt.nz%2F&ul=en-us&de=UTF-8&dt=Inland%20Revenue%20-%20Te%20Tari%20Taake&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1178387828&gjid=135453527&cid=1208449866.1615244614&tid=UA-235836-45&_gid=294462012.1615244614&_r=1&gtm=2wg2o058F6MRW&cd2=1615244613613.6q952ip&cd3=2021-03-09T00%3A03%3A33.613%2B01%3A00&cd1=1208449866.1615244614&z=139207023
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 23:03:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ird.govt.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-235836-45&cid=1208449866.1615244614&jid=1178387828&gjid=135453527&_gid=294462012.1615244614&_u=YEBAAEAAAAAAAC~&z=2127654753
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 23:03:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.ird.govt.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-M92SHK1114&gtm=2oe2o0&_p=1704042359&sr=1600x1200&ul=en-us&cid=1208449866.1615244614&_s=1&dl=https%3A%2F%2Fwww.ird.govt.nz%2F&dt=Inland%20Revenue%20-%20Te%20Tari%20Taake&sid=1615244613&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M92SHK1114&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 23:03:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ird.govt.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BZ87Q5B94Z&gtm=2oe2o0&_p=1704042359&sr=1600x1200&ul=en-us&cid=1208449866.1615244614&_s=1&dl=https%3A%2F%2Fwww.ird.govt.nz%2F&dt=Inland%20Revenue%20-%20Te%20Tari%20Taake&sid=1615244613&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BZ87Q5B94Z&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 23:03:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ird.govt.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-235836-45&cid=1208449866.1615244614&jid=1178387828&_u=YEBAAEAAAAAAAC~&z=1595332179
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 23:03:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/-/media/base-themes/main-theme/scripts/optimized-min.js?t=20190329T032457Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4925
date
Mon, 08 Mar 2021 21:41:30 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 08 Mar 2021 23:41:30 GMT
Omnibox.min__a95d470104d1a4fbb30e.js
static.cloud.coveo.com/searchui/v2.9159/js/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloud.coveo.com/searchui/v2.9159/js/Omnibox.min__a95d470104d1a4fbb30e.js
Requested by
Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e25cb9507212e1baf90bed027ff19b44de17279fbe76e1cc30d86163c78a8918

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xKmQcmn5If4eMeS8FXzi1MzU0ipcGdc7
content-encoding
gzip
etag
W/"53a649411846e82780517ea35e5605d3"
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jul 2020 19:03:03 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 23:03:35 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
7ZtF3uPtXbUZ8iJB3y-IDk4yA97GowIDtWElY6xtt2rzEY7-yBI4xw==
SearchButton.min__a95d470104d1a4fbb30e.js
static.cloud.coveo.com/searchui/v2.9159/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloud.coveo.com/searchui/v2.9159/js/SearchButton.min__a95d470104d1a4fbb30e.js
Requested by
Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c377d65527238bbc12c68424c71d1c8c7e7b72b7c2c6510eac4f31e6ce935af

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jTu4UoKN9y9ClzdMp.suFckYwnf70p7c
content-encoding
gzip
etag
W/"9699a49c31357353ae4cf07301b0bd9f"
age
65520
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jul 2020 19:03:07 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 04:51:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
5Wql1v1ouob4u8a99Yao6MGO_6bTe6gpNwE_gYa4dW5Zjti2eNLLnA==
v2
platform-au.cloud.coveo.com/rest/search/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://platform-au.cloud.coveo.com/rest/search/v2?organizationId=newzealandinlandrevenueprod35m1k6es
Protocol
H2
Server
54.66.99.212 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-99-212.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://www.ird.govt.nz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Mar 2021 23:03:36 GMT
content-length
0
x-request-id
c2f0a9ab-23b0-4d5e-8bf8-89562beae940
cache-control
no-cache, no-store, max-age=0, must-revalidate, private
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
x-frame-options
deny
access-control-allow-origin
https://www.ird.govt.nz
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
access-control-allow-headers
Authorization, Origin, Accept, X-Requested-With, X-Http-Method-Override, Range, Content-Type
v2
platform-au.cloud.coveo.com/rest/search/ 		108 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://platform-au.cloud.coveo.com/rest/search/v2?organizationId=newzealandinlandrevenueprod35m1k6es
Requested by
Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.99.212 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-99-212.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
672bab5a6f1700206191fea70ec663af652b0c1dfdaba496529ca7c799b4dda8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ird.govt.nz/
Authorization
Bearer eyJhbGciOiJIUzI1NiJ9.eyJzZWFyY2hIdWIiOiJDb3JlLVNlYXJjaF9QUk9EIiwidjgiOnRydWUsIm9yZ2FuaXphdGlvbiI6Im5ld3plYWxhbmRpbmxhbmRyZXZlbnVlcHJvZDM1bTFrNmVzIiwidXNlcklkcyI6W3sicHJvdmlkZXIiOiJFbWFpbCBTZWN1cml0eSBQcm92aWRlciIsIm5hbWUiOiJhbm9ueW1vdXMiLCJ0eXBlIjoiVXNlciJ9XSwicm9sZXMiOlsicXVlcnlFeGVjdXRvciJdLCJleHAiOjE2MTUyNDc3MzAsImlhdCI6MTYxNTI0NDEzMH0.o28XRxz1GC6pZKibrTtIQiM0vtWrz_WMX2eOMsVhves
Content-Type
application/x-www-form-urlencoded; charset="UTF-8"

Response headers

date
Mon, 08 Mar 2021 23:03:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding, User-Agent
content-length
18602
x-xss-protection
1; mode=block
x-request-id
20b02f9b-2883-48b3-bf64-9ade8ec41b2b
pragma
no-cache
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.ird.govt.nz
access-control-expose-headers
Content-Range
cache-control
no-cache, no-store, max-age=0, must-revalidate, private
access-control-allow-credentials
true
content-security-policy
script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
expires
0
rsp---desktop.png
www.ird.govt.nz/-/media/project/ir/home/graphics/banners/resurgence-support-payment/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/home/graphics/banners/resurgence-support-payment/rsp---desktop.png
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
c8f239cb6514e997262a7e18bbd8ebd3f2913ea696f11a19be617ee8875a86a7
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2344
Content-Disposition
inline; filename="RSP - desktop.png"
Connection
Keep-Alive
Content-Length
1438722
ETag
ccd12968b949429ab146c20e3ad0beea
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Wed, 17 Feb 2021 23:06:06 GMT
Date
Mon, 08 Mar 2021 23:03:35 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=504630
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Fri, 12 Mar 2021 17:16:06 GMT
covid-19---desktop.png
www.ird.govt.nz/-/media/project/ir/home/graphics/banners/donation-tax-credits/covid-19/ 		509 KB
510 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/home/graphics/banners/donation-tax-credits/covid-19/covid-19---desktop.png
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
3f4260572af148f04ca4effdbe93a05e2372f3b5daa21341944843cf237e0f7c
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Age
2535
Content-Disposition
inline; filename="COVID-19 - Desktop.png"
Connection
Keep-Alive
Content-Length
520911
ETag
a91bf1b3c1b7457eae01416b369f30ea
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
Last-Modified
Thu, 13 Aug 2020 22:59:27 GMT
Date
Mon, 08 Mar 2021 23:03:35 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=392638
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Expires
Sat, 13 Mar 2021 16:26:39 GMT
instalment-arrangement---desktop.png
www.ird.govt.nz/-/media/project/ir/home/graphics/banners/donation-tax-credits/instalment-arrangement/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ird.govt.nz/-/media/project/ir/home/graphics/banners/donation-tax-credits/instalment-arrangement/instalment-arrangement---desktop.png
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.71.230.125 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software
/
Resource Hash
42c8cb018303fae5aa5c076cae51495f698a884eea975477e0fb4d2a46290066
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Expires
Mon, 15 Mar 2021 23:03:35 GMT
Last-Modified
Wed, 27 Jan 2021 02:43:34 GMT
ETag
8741ee24efa54a309cac85da3499a181
X-Frame-Options
DENY
Content-Type
image/png
Content-Disposition
inline; filename="Instalment arrangement - desktop.png"
Cache-Control
public, max-age=604800
Date
Mon, 08 Mar 2021 23:03:35 GMT
Content-Security-Policy
default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Accept-Ranges
bytes
Content-Length
1691161
Request-Context
appId=cid-v1:c4cc0587-4cf1-4873-bc42-abb0692129ec
searches
platform-au.cloud.coveo.com/rest/ua/v15/analytics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://platform-au.cloud.coveo.com/rest/ua/v15/analytics/searches?org=newzealandinlandrevenueprod35m1k6es
Protocol
H2
Server
54.66.99.212 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-99-212.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://www.ird.govt.nz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Mar 2021 23:03:37 GMT
content-length
0
x-request-id
dd8c2519-c2ae-4721-9f8c-b848528e1412
cache-control
no-cache, no-store, max-age=0, must-revalidate, private
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
x-frame-options
deny
access-control-allow-origin
https://www.ird.govt.nz
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
access-control-allow-headers
Authorization, Origin, Accept, X-Requested-With, X-Http-Method-Override, Range, Content-Type
searches
platform-au.cloud.coveo.com/rest/ua/v15/analytics/ 		200 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://platform-au.cloud.coveo.com/rest/ua/v15/analytics/searches?org=newzealandinlandrevenueprod35m1k6es
Requested by
Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.99.212 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-99-212.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
2362d1e4cbc294ad01d104d9cf616333f1757ea477108cbaa864247d8c0a2853
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ird.govt.nz/
Authorization
Bearer eyJhbGciOiJIUzI1NiJ9.eyJzZWFyY2hIdWIiOiJDb3JlLVNlYXJjaF9QUk9EIiwidjgiOnRydWUsIm9yZ2FuaXphdGlvbiI6Im5ld3plYWxhbmRpbmxhbmRyZXZlbnVlcHJvZDM1bTFrNmVzIiwidXNlcklkcyI6W3sicHJvdmlkZXIiOiJFbWFpbCBTZWN1cml0eSBQcm92aWRlciIsIm5hbWUiOiJhbm9ueW1vdXMiLCJ0eXBlIjoiVXNlciJ9XSwicm9sZXMiOlsicXVlcnlFeGVjdXRvciJdLCJleHAiOjE2MTUyNDc3MzAsImlhdCI6MTYxNTI0NDEzMH0.o28XRxz1GC6pZKibrTtIQiM0vtWrz_WMX2eOMsVhves
Content-Type
application/json; charset="UTF-8"

Response headers

date
Mon, 08 Mar 2021 23:03:38 GMT
x-content-type-options
nosniff
p3p
CP="-"
vary
Accept-Encoding, User-Agent
content-length
200
x-xss-protection
1; mode=block
x-request-id
4bf1577b-ea88-41af-b5a0-9786e8e577fc
pragma
no-cache
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
https://www.ird.govt.nz
access-control-expose-headers
Content-Range
cache-control
no-cache, no-store, max-age=0, must-revalidate, private
access-control-allow-credentials
true
content-security-policy
script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js https://platform.cloud.coveo.com https://zn0oprkdidlwov71z-coveo.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://static.cloud.coveo.com; object-src 'none'
expires
0
/
zn2fvnsnu56qlnv3l-inlandrevenue.siteintercept.qualtrics.com/SIE/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn2fvnsnu56qlnv3l-inlandrevenue.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_2fvnsnU56qLNV3L
Requested by
Host: www.ird.govt.nz
URL: https://www.ird.govt.nz/assets/home/js/main.js?v=146.12.0.989-v2&cms=145-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
890ed4f132ee2204334f76e7b4804f9de3e6f75d6ba0f9210b2d7e9f1e6e9e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ird.govt.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 23:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
427317
cf-polished
origSize=60856
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
08b5ae0a5d00004c44643ca000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"edb8-8bMGBhPGUNIfPVQn9/uGe6Lp/X0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
62cfb2bd6b714c44-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-235836-45&cid=1208449866.1615244614&jid=1178387828&_u=YEBAAEAAAAAAAC~&z=1595332179

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| webpackJsonpCoveo__temporary object| Coveo function| _ function| Globalize object| __core-js_shared__ function| __extends object| Coveo__temporary object| dataLayer object| TAX_COVEO_CONFIG object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| $xa function| moment object| html5 object| Modernizr function| Galleria object| FullCalendar function| Hammer object| Backbone function| SearchIndex function| Bloodhound boolean| mCustomScrollbar object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| dmAsyncInit object| XA undefined| movieTracker object| XAContext object| _gaq string| facetName function| Popper object| pir function| flatpickr object| regeneratorRuntime function| onYouTubeIframeAPIReady boolean| initialzied object| _gat object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.45.0

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.ird.govt.nz/assets/home/js/main.js?v=146.12.0.989-v2&cms=145-5(Line 41)
Message:
nz_ab=*** sl_cd=*** wfftc_ef=***
console-api log URL: https://www.ird.govt.nz/assets/home/js/main.js?v=146.12.0.989-v2&cms=145-5(Line 41)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' ; script-src 'self' *.cloud.coveo.com *.windows.net *.google-analytics.com *.googletagmanager.com *.gstatic.com *.google.com *.hotjar.com *.qualtrics.com data: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com staticcdn.co.nz *.staticcdn.co.nz *.sharepoint.com australiaeast1-mediap.svc.ms *.cloud.coveo.com *.windows.net *.ird.govt.nz *.gstatic.com *.google.com *.google.com.au *.google.co.nz *.doubleclick.net *.cloudfront.net *.qualtrics.com; connect-src * ; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' *.ird.govt.nz staticcdn.co.nz *.staticcdn.co.nz *.google.com *.youtube.com *.cloudfront.net *.googletagmanager.com *.hotjar.com *.slideshare.net *.qualtrics.com; form-action 'self' *.ird.govt.nz; font-src 'self' data: *.typekit.net *.gstatic.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
platform-au.cloud.coveo.com
services.ird.govt.nz-portal.digiman.co.za
ssl.google-analytics.com
static.cloud.coveo.com
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ird.govt.nz
zn2fvnsnu56qlnv3l-inlandrevenue.siteintercept.qualtrics.com
www.google.de
104.17.209.240
13.32.21.127
185.71.230.125
2a00:1450:4001:801::2008
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9c
2a02:26f0:6c00::210:ba0a
41.185.8.146
54.66.99.212
0451aa5fab1b63f58a03c1435e3ae0a73c57c6b3ef584af002c82f8d89050af0
09b8c37159ca6dfe96332c090762bf3b44a01b39e414699a951c04e668ec44c8
0bc0242755a4e1ea23258fec415c83688b4d5d146895b681aba1c23a42c17dfd
0de04115740efacd14bfc532aea885f908e87b74e9aede87fe7911b0e99495ae
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f6b7b91f17e0901025656e4efff2399ad711a4ad99deab3629d6c363c345425
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
2362d1e4cbc294ad01d104d9cf616333f1757ea477108cbaa864247d8c0a2853
237f63244df9252bc2df1c1efd7ca7f37b161f28a5336870a703058c91822b4c
2663b25bd4a7cfc13adaf8a863bc0f7d9ef20c5362022e59f356a88ebf72a721
30ca0cf551f847693016ad4791f4a5b42711d815807e6f9450aa7bfbd1ec7852
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
362ef9065042d20e50792140612bb1355767231edab879960549b2f94768380a
3854ce70ade7bc497587dce9c441d4eb737135830c10ca4be69429be4a95b46f
39ba06c41e0986286333f77a997cfc5132b078474e9f327a157be05a10264bc8
3f4260572af148f04ca4effdbe93a05e2372f3b5daa21341944843cf237e0f7c
42c8cb018303fae5aa5c076cae51495f698a884eea975477e0fb4d2a46290066
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
5057648443a7ab2444e0e97ed3dfb0765b85fde3b69f828b9d12faac8b5fdc80
50db9aabf015efab98add144b7028f893da4cebb8e170c0914fb3a76d0e94dd4
534b1e3753d5b29219a61b1e2e4eff2b5dce7eaa0c6964ac0c015bc3e5a36ef7
5c377d65527238bbc12c68424c71d1c8c7e7b72b7c2c6510eac4f31e6ce935af
5eb695d5e238f06d9552d57c9613ca7810eb2ce0e6aff8c99ac83b2fd8e2f58a
5f0da0f67adb3e7ccf50ceb8dd57d5f81bc226ca4befb7c7234bd37a1bbe3a5c
672bab5a6f1700206191fea70ec663af652b0c1dfdaba496529ca7c799b4dda8
7553f87d65bab10cd8ee295ebe78f09a60e879c4a24a083a3f868676f1a46092
78f98b419478600e64573978f893e0a51b1d9f510cdac0e218fd0d6e994b6cfd
7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f
7ac6a49c25ac359904103660a75c3b1048f271ec4baf67b93a9c796d6889d382
7b29b50a7fabb77e9ab40f7d6e7f8a23e76c022528009f786f8692bf0d03bba2
7ceb0ffa75cfb8cdf425576db4e3e7e5ff7ebb2a615d22fac7b465447106b99a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889520bc2573bafa85fe6c2349432f801c6b5404ea5ca40224a5d7f87cecf054
890ed4f132ee2204334f76e7b4804f9de3e6f75d6ba0f9210b2d7e9f1e6e9e17
906d95ef892054452a6bb22201cde4c24a7ffce4de462949a6e7a3d3ca945a70
9501a7edd6ad33bfa57e53bb196bcc911e92fd2e09a59ec19265485ef04ad6b2
9c3ee2a2f67bf5321b0ec2b11d2a08f6f3f8f9b5e38931be2d420bca2dac46aa
9e08f029388b6abcb1b107b3eb70dedd2ea64e9216356bdc1ff2770b1beef6c9
a55757951ab193b5fd7c6877bed484e1ddbfac39546180f2d2ed62255c831d79
a5a3c30f186f949a0e014dd8bc0fd8df51b1c388f1783969b393923ede1a8907
b38e79ee40590865f74bee19f18eebca81e5dc7f8c1b7ddc68965512fa391389
bc99c93c4bf64baa160338d28cfb2affd4bd37498ec0d52232016e7cdc51fc64
c4d140ff3cc7bda3fa39f2fc0897c95bd1e140e44932cb42ccfebe9fedb101ef
c8f239cb6514e997262a7e18bbd8ebd3f2913ea696f11a19be617ee8875a86a7
ce02933ac97b5e3cc08cad0e0a860a1e3dbabe78d6854d0a25777a55b5de9d43
cef8606a897074fe5371276570a80b5ab58eb25c67def14072c1acf7a19f6621
d4b1c7eaeb81a154ddde2b3838dcf90d30a4a23c6f42ea0887cdd98e43fa9a91
d96972e84f8b03eca88d2af8f9eb4ce69446f86c03af03bf7fb109dd9847896c
d9a0280f3e63a156286761fbd850d4608747cc4824fe614af52ddc7a2856eae3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08069362721d144d84f24395fd827901ad1eb93254333b4090971e4bad7a4a6
e25cb9507212e1baf90bed027ff19b44de17279fbe76e1cc30d86163c78a8918
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc814c2ff563a9cdfcc8647f01b8b6de252bf3d0b0ab82d6fc24a78116d01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f79bd57ebc600cd520774bbb58c446c5ae6a8cab74c86c378652e3aa4d4ffc1e
fb13fa99dcd8d521b12b3996c7d89c7282416baff7669f4a4f4d6de5409202a1