www.newamericanfunding.com Open in urlscan Pro
35.71.138.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://users.tpg.com.au/jefalast/prqt/naf
Effective URL:
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=e...
Submission: On May 22 via api (May 22nd 2022, 7:45:38 am UTC) from BE — Scanned from DE

Summary HTTP 73 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 25 domains to perform 73 HTTP transactions. The main IP is 35.71.138.75, located in United States and belongs to AMAZON-02, US. The main domain is www.newamericanfunding.com. The Cisco Umbrella rank of the primary domain is 87069.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 3rd 2022. Valid for: a year.

This is the only time www.newamericanfunding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.26.24.80 203.26.24.80	7545 (TPG-INTER...) (TPG-INTERNET-AP TPG Telecom Limited)
1 1	34.95.111.143 34.95.111.143	15169 (GOOGLE) (GOOGLE)
2 2	35.169.19.145 35.169.19.145	14618 (AMAZON-AES) (AMAZON-AES)
14	35.71.138.75 35.71.138.75	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:214... 2600:9000:214f:7e00:12:548e:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	151.139.128.8 151.139.128.8	20446 (STACKPATH...) (STACKPATH-CDN)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	54.231.200.208 54.231.200.208	() ()
4	2a00:1450:400... 2a00:1450:4001:800::2004	() ()
4	2a00:1450:400... 2a00:1450:4001:830::2003	() ()
2	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
1	178.250.0.157 178.250.0.157	() ()
1	212.82.100.181 212.82.100.181	() ()
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	() ()
73	28

1 203.26.24.80 (Australia)

ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU)
PTR: users.tpgi.com.au

users.tpg.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.111.143 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 143.111.95.34.bc.googleusercontent.com

www.br2ghatrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.19.145 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-19-145.compute-1.amazonaws.com

mrktrecord12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trktotal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.71.138.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab6bda7645e7272c3.awsglobalaccelerator.com

www.newamericanfunding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:214f:7e00:12:548e:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.newamericanfunding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.8 (United States)

ASN20446 (STACKPATH-CDN, US)

use.fortawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.200.208 (None, )

ASN- ()

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (None, )

ASN- ()

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	newamericanfunding.com www.newamericanfunding.com — Cisco Umbrella Rank: 87069 assets.newamericanfunding.com — Cisco Umbrella Rank: 537735 fbcapi.newamericanfunding.com Failed	268 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5275	111 KB
4	google.de www.google.de	692 B
4	google.com www.google.com	692 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net	4 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4508 gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com	8 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	7 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 413	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	93 KB
2	gstatic.com fonts.gstatic.com	68 KB
2	fortawesome.com use.fortawesome.com — Cisco Umbrella Rank: 21377	354 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 ajax.googleapis.com — Cisco Umbrella Rank: 295	35 KB
1	facebook.com www.facebook.com	297 B
1	yahoo.com sp.analytics.yahoo.com	633 B
1	amazonaws.com s3.amazonaws.com	657 B
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 6566	507 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	81 KB
1	trktotal.com 1 redirects trktotal.com	958 B
1	mrktrecord12.com 1 redirects mrktrecord12.com	325 B
1	br2ghatrk.com 1 redirects www.br2ghatrk.com — Cisco Umbrella Rank: 838070	467 B
1	tpg.com.au users.tpg.com.au	559 B
73	25

	Domain	Requested by
14	www.newamericanfunding.com	users.tpg.com.au www.newamericanfunding.com
9	assets.newamericanfunding.com	www.newamericanfunding.com
6	dev.visualwebsiteoptimizer.com	www.newamericanfunding.com dev.visualwebsiteoptimizer.com
4	www.google.de	www.newamericanfunding.com
4	www.google.com	www.newamericanfunding.com
3	bat.bing.com	users.tpg.com.au bat.bing.com www.newamericanfunding.com
3	www.google-analytics.com	www.googletagmanager.com www.newamericanfunding.com
3	cdnjs.cloudflare.com	www.newamericanfunding.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stats.g.doubleclick.net	www.newamericanfunding.com
2	gum.criteo.com	1 redirects static.criteo.net
2	s.yimg.com	users.tpg.com.au www.newamericanfunding.com
2	connect.facebook.net	users.tpg.com.au connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	use.fortawesome.com	www.newamericanfunding.com use.fortawesome.com
1	www.facebook.com	www.newamericanfunding.com
1	sp.analytics.yahoo.com	www.newamericanfunding.com
1	mug.criteo.com	www.newamericanfunding.com
1	s3.amazonaws.com	www.newamericanfunding.com
1	ipinfo.io	www.newamericanfunding.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.criteo.net	dynamic.criteo.com
1	www.googletagmanager.com	www.newamericanfunding.com
1	ajax.googleapis.com	www.newamericanfunding.com
1	dynamic.criteo.com	www.newamericanfunding.com
1	fonts.googleapis.com	www.newamericanfunding.com
1	trktotal.com	1 redirects
1	mrktrecord12.com	1 redirects
1	www.br2ghatrk.com	1 redirects
1	users.tpg.com.au
0	fbcapi.newamericanfunding.com Failed	www.newamericanfunding.com
73	31

This site contains links to these domains. Also see Links.

Domain
www.benefits.va.gov
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
*.newamericanfunding.com Go Daddy Secure Certificate Authority - G2	`2022-05-03` - `2023-05-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
assets.newamericanfunding.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
use.fonticons.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-28` - `2022-05-29`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
ipinfo.io GTS CA 1D4	`2022-04-23` - `2022-07-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
Frame ID: 0EC89C7467CBE3240D4C7684DA0FE698
Requests: 77 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.newamericanfunding.com&origin=onetag
Frame ID: 4B09C2E08921BAF44294934F43170567
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lander Form JNew American Funding | Request Mortgage Quote | New American Funding

Page URL History Show full URLs

http://users.tpg.com.au/jefalast/prqt/naf Page URL
https://www.br2ghatrk.com/J84C5/76KDZW/ HTTP 302
https://mrktrecord12.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159... HTTP 302
https://trktotal.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159... HTTP 302
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

31
Subdomains

28
IPs

6
Countries

1313 kB
Transfer

2826 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.benefits.va.gov/homeloans/index.asp
Title: http://www.benefits.va.gov/homeloans/index.asp

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/6606
Title: NMLS ID#6606

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/
Title: NMLS Consumer Access

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://users.tpg.com.au/jefalast/prqt/naf Page URL
https://www.br2ghatrk.com/J84C5/76KDZW/ HTTP 302
https://mrktrecord12.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159647d8988d76d9d6b44bcb&s3=__ HTTP 302
https://trktotal.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159647d8988d76d9d6b44bcb&s3=__&ckmguid=ebef74ae-ba70-4bc6-a0a0-a618cf38bf53 HTTP 302
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://gum.criteo.com/sid/json?origin=onetag&domain=newamericanfunding.com&sn=ChromeSyncframe&so=0&topUrl=www.newamericanfunding.com&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=TlSi3nxpM2kvTmFLZm01eDllVjY1M0N3bTJQZXkxSU9iRFlNWm0zeUJoeXBYU0JsQ2V6R2tJUGxNT2NWbzVPMnozZzlkRndsL0FCdFBEWk9MWkxNKzg4TEtEYlEyYi9IRDBOWmU3TStxK3BVTFVqbnc2dDdXQng3eWl3eEE4MzdQcko3QTQwVklWY29rdnFzREtpeDJRaEFFYllzU3Zha2d0cW5MbWt2c1Q0ak9CNTNmMThiaEswQkZPeGg2QkFiVGZCMkdKNzIzSnF2ZnFjTE5LMG01blJCWUZsR25lNFhQQVRzYStoSVhoa2xkUFVsaDZCN3dVd0dZWC95cXNRN1hTSE44TTRENVAwUnM3TVRBQ2NOL3JWWTdISHd2SzNvd0xsL2luWGVuZUJkVWhIND18&cppv=2

73 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK naf Show response
users.tpg.com.au/jefalast/prqt/ 215 B
559 B 1059ms
331ms Document
text/html 203.26.24.80
TPG-INTERNET-AP T...

General

Check archive.org

Show headers Download Go to

Full URL: http://users.tpg.com.au/jefalast/prqt/naf
Protocol: HTTP/1.1
Server: 203.26.24.80 , Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS: users.tpgi.com.au
Software: Apache /
Resource Hash: 4a72f9ae943f368a67c4abee3476c1f228b2f50ee07a89e21137aa2f9292c69a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 173
Content-Type: text/html
Date: Sun, 22 May 2022 07:45:33 GMT
ETag: "480c0-d7-ac78c680"
Expires: Mon, 23 May 2022 07:45:33 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 17 Apr 2022 19:30:18 GMT
Server: Apache
Vary: Accept-Encoding

GET
H2

200

Primary Request / Show response
www.newamericanfunding.com/lfj/dagnts/
Redirect Chain

https://www.br2ghatrk.com/J84C5/76KDZW/
https://mrktrecord12.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159647d8988d76d9d6b44bcb&s3=__
https://trktotal.com/?E=GTb1AMKXFUxkcZca3yT4E9pgVz%2ft6P9%2bDbfaF54T%2fx8%3d&s1=12&s2=161f17a2159647d8988d76d9d6b44bcb&s3=__&ckmguid=ebef74ae-ba70-4bc6-a0a0-a618cf38bf53
https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=de...

96 KB
20 KB

874ms
524ms

Document
text/html

35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12

Requested by

Host: users.tpg.com.au
URL: http://users.tpg.com.au/jefalast/prqt/naf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d5eeae46c9661fea731fd997c6afffdb6866b54c04d3c0f468ac029a35fffcbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://users.tpg.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

amp-access-control-allow-source-origin: http://74.80.208.44
cache-control: private,max-age=0
content-encoding: gzip
content-length: 19145
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 07:45:35 GMT
server: nginx
server-timing: dtSInfo;desc="0", dtRpid;desc="523103316"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-oneagent-js-injection: true
x-request-id: c3cdb7f095f40388a4bc85ffd19438e1
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-length: 388
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 07:45:34 GMT
location: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js Show response
www.newamericanfunding.com/ 337 KB
123 KB 620ms
619ms Script
text/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

f1c235d0dbd612ddf050450be7a4ed02353c3b043edb420abd679656ad49fd03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: nginx
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 124716
x-xss-protection: 1; mode=block
x-request-id: 2d2c2c2a893b97e7dc35cb653dc35625
expires: Mon, 22 May 2023 07:45:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 128ms
46ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato|Open+Sans:300,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea51c1db95d9a533fc4eea0588b21175d83d3867ee72a71402c9866905012036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 07:45:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 07:45:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 07:45:35 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/ 1 KB
1 KB 124ms
46ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.7.1/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4092618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DihvPXtDm5Y3SZfNuRhwce%2FuFIP%2FkbvcfoYWj%2BLYdAuVtjnTRXxbc8FH5ZNw%2FQ1Hirez%2BfcdtRrdfeqdUsybvYce7UWnJOFj9P3%2FNPcZxeZS9xO9giLGj1cJYI1ON%2FL7dnotu7jpBvmeZPz00gV1o6uY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f3eee6abf4908b-FRA
expires: Fri, 12 May 2023 07:45:35 GMT

GET
H2 200 bootstrap.min.css
www.newamericanfunding.com/css/ 16 KB
4 KB 348ms
347ms Stylesheet
text/css 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

a77db4ac21841c3a09b7536f9e27776b0100ce38c8d689dd813a1cd1f3831138

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="546539273"
vary: Accept-Encoding
content-length: 2992
x-xss-protection: 1; mode=block
x-request-id: 7a60759f9c4356e2634cb74924614e6e
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Mon, 09 May 2022 19:03:09 GMT
server: nginx
x-frame-options: DENY
etag: "38d27d6cd763d81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 dynamiclongform-b.min.css
www.newamericanfunding.com/css/ 30 KB
9 KB 380ms
379ms Stylesheet
text/css 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/css/dynamiclongform-b.min.css?v=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1a5ab0903aa18f8a86d8a30aec33fbcc2ad017950beac1f5a0cf7bac2614617f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="1065720301"
vary: Accept-Encoding
content-length: 8356
x-xss-protection: 1; mode=block
x-request-id: c68a2b4d74eb23aec9a85e97f76e808a
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Mon, 09 May 2022 19:10:16 GMT
server: nginx
x-frame-options: DENY
etag: "bf9b36bd863d81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 logo-new-american-white.png
assets.newamericanfunding.com/images/logos/ 4 KB
4 KB 230ms
40ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/logos/logo-new-american-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5dc84f561da42bdda2d631a4e42d6cde8cb002ac1b42ebf01aa83a7906d9c7b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 09:58:34 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7249623
x-cache: Hit from cloudfront
content-length: 3900
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 25 Sep 2017 17:33:48 GMT
server: AmazonS3
x-frame-options: DENY
etag: "dd9a1b30fd0e27aa00446c38da4423e1"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000, max-age=0
content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 2TPe9zyeyrp1UFzwiWzv6-2-jz95kXwFOBDx1ecBUVdqTO3KboteUg==
expires: 30

GET
H2 200 gradient.jpg
assets.newamericanfunding.com/images/bg/ 359 B
1000 B 504ms
314ms Image
image/jpeg 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/bg/gradient.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1d9519933c9bcca61b26125cc6acb022c41ef1a257b478d1392f8bae76fa3860

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 359
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Jul 2021 21:37:17 GMT
server: AmazonS3
x-frame-options: DENY
etag: "c2a18d8fc7c12aa14053301ac597df4b"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: lrwcmBFrmMdV0tySLEEkgeuHJsZnZWE8
cache-control: max-age=0
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: PDls9rEyxAhKNVByqJw0MuGC4Rvy6STbH-ydP--eGpQ8ViVYJSNOng==

GET
H2 200 purchase-white.png
assets.newamericanfunding.com/images/icons/ 671 B
1 KB 465ms
275ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/icons/purchase-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0d9dbc7fd94c88a27d847152aa1187146cb1a83fa4e97d2b920614770a3702cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 671
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Jul 2021 20:17:27 GMT
server: AmazonS3
x-frame-options: DENY
etag: "60a5e39f9bacf2a1bf3ba78e3885924b"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: di1SYI4lsP1l0TaioaDsRpt8Fsp8tbJh
cache-control: max-age=0
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: jfp9E_swbjhv0lql5twwpox76P9LKnRA3Uv_Ajds9EWLI_U95PrSjg==

GET
H2 200 purchase-dark.png
assets.newamericanfunding.com/images/icons/ 1 KB
2 KB 424ms
234ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/icons/purchase-dark.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6edffc356433a7d852141810018fe672e8492539f9d11c26986fbb1bc726b7d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 1258
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Jul 2021 20:23:33 GMT
server: AmazonS3
x-frame-options: DENY
etag: "f02089e296a75b5697fe1c7c2eaa0e51"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: _T1hT56MDudf7n189jCWri75PeuxaDxg
cache-control: max-age=0
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: VgbvrKFCXVc8-1oZGPpjlLgYApygEI8h2jNuIIZ0uMbzvQUnLqKDbg==

GET
H2 200 refinance-white.png
assets.newamericanfunding.com/images/icons/ 1 KB
2 KB 705ms
516ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/icons/refinance-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

850f365c97a72f65e02a6070187e1b181ad940a83d01305f8d6ef7995831c466

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 1308
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Jul 2021 20:17:27 GMT
server: AmazonS3
x-frame-options: DENY
etag: "e594d75e1a456d5b59edb101ad5752f0"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: y8i09Jk64qv45wKwKSLhUMc8.W6.V2NB
cache-control: max-age=0
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: oyWKGSpHpQyOkNLOVxCKG8KcmNujSTijJUAHWJctFnbH87SalJKi_w==

GET
H2 200 refinance-dark.png
assets.newamericanfunding.com/images/icons/ 2 KB
3 KB 665ms
476ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/icons/refinance-dark.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

853132bb72144f1565e59d4b5e504e8a30d62d5bf6c4c448d389999476b77d87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 2503
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Jul 2021 20:23:34 GMT
server: AmazonS3
x-frame-options: DENY
etag: "65ef811a0105424453bc189c4cc20768"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: lB_4Xd3UfKVipvJcMRoUupHCP3M_M462
cache-control: max-age=0
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: WixPv4WKwyDAsewyTjDu360G0h8LnHws54wv3WZkDdVBoOxGza8t5w==

GET
H2 200 accolade-reviews-experience-white.png
assets.newamericanfunding.com/images/home/ 2 KB
2 KB 640ms
498ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/home/accolade-reviews-experience-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b77579a6afee59a8e83f0348ee8123691d314259829a16eea2f0943f6c01e514

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 1846
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 30 Mar 2021 01:55:39 GMT
server: AmazonS3
x-frame-options: DENY
etag: "40588e2c83470473568ea2ccbcab301a"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: 8BYYWc8XYKHdUlgezR0RqbY7bYVZpmVk
cache-control: max-age=0
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 3Qm0wlk4QohoeSXEHn_Z2JhCEMVgnmD0ay1oNhERhPq4evo6j3KpUA==

GET
H2 200 accolade-inc-5000-white.png
assets.newamericanfunding.com/images/home/ 4 KB
4 KB 627ms
485ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/home/accolade-inc-5000-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa14ba333c2a455f701745e5fb66363dbfa7314bd34ca0c3468e775d0336f625

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
date: Sun, 22 May 2022 07:45:37 GMT
content-length: 3772
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 Sep 2021 02:15:42 GMT
server: AmazonS3
x-frame-options: DENY
etag: "ae23b7331ed0ab5571281714002271d4"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: vynpLSB5ScUnBrQEjdA5qLGtvsafuNWd
cache-control: max-age=0
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 9P81emavK3VrUGFH84ZQHuAwtsRppwAKzmCbaE8c_21fHh8w0VrpaQ==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
642 B 144ms
42ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=40445

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a2a48868397d51dcb49fb332cc31708377657d01c9ea1918f6f8d16e5c9e6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:35 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 criteo-events.js Show response
www.newamericanfunding.com/scripts/ 4 KB
2 KB 386ms
385ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/criteo-events.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

eabdc61feb8193557f03ac137a8d39f71a55974d1e622f88bde68a715b2070ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="-865428892"
vary: Accept-Encoding
content-length: 1081
x-xss-protection: 1; mode=block
x-request-id: a18c1043b3b8299f86f5378b77e87393
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Tue, 17 May 2022 22:01:26 GMT
server: nginx
x-frame-options: DENY
etag: "0bf4da7396ad81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 countdown.js Show response
www.newamericanfunding.com/scripts/ 1 KB
1 KB 370ms
369ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/countdown.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

2e03d3ac16dccd7ddeebbc28b02fd3585ac5f6f41f6eb48db03e6e0fc810c4ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="1696521664"
vary: Accept-Encoding
content-length: 616
x-xss-protection: 1; mode=block
x-request-id: 47684784e1d612886eb49ffd4af1bd8e
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Mon, 09 May 2022 19:03:11 GMT
server: nginx
x-frame-options: DENY
etag: "b2407d6dd763d81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 url-param-helper.min.js Show response
www.newamericanfunding.com/scripts/ 16 KB
7 KB 364ms
364ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/url-param-helper.min.js?v=8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

94274e4fe6c686e5470c69bd3e2bb979fd00818dc046402b7f4e323866777466

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="-1764770756"
vary: Accept-Encoding
content-length: 6700
x-xss-protection: 1; mode=block
x-request-id: 4586d2f122a815c826f14057fde21441
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Tue, 17 May 2022 21:07:49 GMT
server: nginx
x-frame-options: DENY
etag: "e2dd4b2a326ad81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 03:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 03:31:27 GMT

GET
H2 200 crystal.min.js Show response
www.newamericanfunding.com/scripts/ 12 KB
5 KB 356ms
353ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/crystal.min.js?v=081621

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

8b2993427231b689c36ca8ee8f0c0e97d08b3ca55b0e8dcd06d9b5d7a9441feb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="138079318"
vary: Accept-Encoding
content-length: 4526
x-xss-protection: 1; mode=block
x-request-id: 1ee6bccb61eea0933c51e352b3b1a39f
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Tue, 17 May 2022 21:07:49 GMT
server: nginx
x-frame-options: DENY
etag: "763d4d2a326ad81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 slick1.7.1-nick-modified.min.js Show response
www.newamericanfunding.com/scripts/ 42 KB
15 KB 458ms
455ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/slick1.7.1-nick-modified.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

6163d42cd4f6ee6b0ec2649ab91189654d07eef9dbd92e0ba768612f813a21ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="2120549871"
vary: Accept-Encoding
content-length: 14246
x-xss-protection: 1; mode=block
x-request-id: d0fca107d4abb63686c915e8742ac5c6
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Tue, 17 May 2022 21:07:49 GMT
server: nginx
x-frame-options: DENY
etag: "f293492a326ad81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 Dynamiclongform-2.min.js Show response
www.newamericanfunding.com/scripts/ 48 KB
16 KB 431ms
428ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/Dynamiclongform-2.min.js?v=19

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

9dd379e32b8ecaa0011f2d5e6c1a3303b50b1b046d692ded1192c6485cd82ec2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="1320623343"
vary: Accept-Encoding
content-length: 15095
x-xss-protection: 1; mode=block
x-request-id: a4c26d86b2b4db3b312942a93b4d9d5e
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Tue, 17 May 2022 21:07:49 GMT
server: nginx
x-frame-options: DENY
etag: "951a4b2a326ad81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.13/ 8 KB
3 KB 51ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.13/jquery.mask.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aaed71320dc122a42a59383acc7b8071ba4aa5c7c47d667773218b38c32b443

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7472447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1f3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmXcamLIuAbAZUvZ4f7mtolsuvGtGZOHyBCkMKfdX4e7eHXvX4mAGD4mHhOWwAcFWQ9ZZHV5cf4AiP3ewVn%2BD3FC0xoMdnQFXaUxMrCc8f7BI%2FP%2F2Koxx2KAifMk7Pg2NX0U1mabJICSoLY1%2FK0nANgX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f3eeeb5889908b-FRA
expires: Fri, 12 May 2023 07:45:36 GMT

GET
H2 200 progressbar.min.js Show response
www.newamericanfunding.com/scripts-compiled/dist/ 22 KB
9 KB 409ms
406ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts-compiled/dist/progressbar.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

fb178d0a551b045b17f8876b0cedaa4cedfd253c4de00150469b776666226d45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="-568547100"
vary: Accept-Encoding
content-length: 8592
x-xss-protection: 1; mode=block
x-request-id: 1d76c977b31c23c34a39f5b96dd637a8
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Mon, 09 May 2022 19:03:11 GMT
server: nginx
x-frame-options: DENY
etag: "e5f1736dd763d81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 parsley.min.js Show response
www.newamericanfunding.com/scripts/ 42 KB
17 KB 436ms
433ms Script
application/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/scripts/parsley.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

dc80b239609a20048dfffddbda84c2b7eb107c1d4b9c9245bf20226d2b95e0da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="-407646680"
vary: Accept-Encoding
content-length: 16041
x-xss-protection: 1; mode=block
x-request-id: f509894a74aa702516fbd1951630b652
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Tue, 17 May 2022 21:07:49 GMT
server: nginx
x-frame-options: DENY
etag: "fab9572a326ad81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public;max-age,max-age=691200,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
accept-ranges: bytes

GET
H2 200 d622b6b8.js Show response
use.fortawesome.com/ 10 KB
4 KB 140ms
40ms Script
application/javascript 151.139.128.8
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/d622b6b8.js
Requested by: Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 095ad0b0018dff572ef0295960325979dd2e86bbb8dbcd34a8c346b515ee7644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 21:23:32 GMT
etag: "ecc374f47039f40b743bfba3524e0108"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1653205536.cds276.fr8.hn,1653205536.cds136.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 4081

GET
H2 200 balancetext.min.js Show response
cdnjs.cloudflare.com/ajax/libs/balance-text/3.2.0/ 9 KB
3 KB 51ms
48ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/balance-text/3.2.0/balancetext.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb31c4ac1ffbf43d3f036c39f64e614b9e623a205b40e7ddb3ec6b9cf663694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8764267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2546
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d72-2397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7hWT5rG3Xw1kOr9s%2Bp2cNTkX1bnmwDQ9bQdhFDTDPNydsIr3T6X55zr2JgDCUYz2iw5XMjFExnAxEL5pQXZpyUo5ppMGEkASBJhBQXwe9KupSPaLzuFm0UuqrNFN91mfI6a2rvmt3cHZfFWXx1QmwDH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f3eeeb588c908b-FRA
expires: Fri, 12 May 2023 07:45:36 GMT

GET
H2 200 ruxitagentjs_D_10239220408103229.js
www.newamericanfunding.com/ 41 KB
16 KB 394ms
393ms Other
text/javascript 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/ruxitagentjs_D_10239220408103229.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

9264e3ee3196db4257dff44aa744e2060acf7d963c2395146714604e28795cdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
amp-access-control-allow-source-origin: http://74.80.208.44
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: nginx
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15305
x-xss-protection: 1; mode=block
x-request-id: 3a0b96927f46ce605a571e178f5af4d8
expires: Mon, 22 May 2023 07:45:36 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 17 KB
4 KB 533ms
433ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326170&u=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&r=0.4900691118861751
Requested by: Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 2f842a4aac122e4676ca976c46add9bdf5f1b634be9a013b121edccd16cc421d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 07:45:37 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
81 KB 157ms
71ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8VB28

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a9d536384efa6a5b27e81bf8b7d16e279d9d7da7025bedfdb432dde9fc33be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82079
x-xss-protection: 0
last-modified: Sun, 22 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 May 2022 07:45:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 169ms
71ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 461607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 23:32:09 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 136ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 398247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:08:09 GMT

GET
H2 200 icon-hud-white.png
assets.newamericanfunding.com/images/icons/ 2 KB
3 KB 182ms
39ms Image
image/png 2600:9000:214f:7e00:12:548e:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.newamericanfunding.com/images/icons/icon-hud-white.png

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/css/dynamiclongform-b.min.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7e00:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d709f110bd9f41f30c9942e9d0f77e5b88f731665f1f1d9bcb04d206b5455ccf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:53:50 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8257907
x-cache: Hit from cloudfront
content-length: 2305
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 25 Sep 2017 17:33:29 GMT
server: AmazonS3
x-frame-options: DENY
etag: "aacefd3461c0d3d5ea6f77bcc2a4e25d"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000, max-age=0
content-security-policy: default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: ZvQTUDdV1d4ABsJxhixNuEf3pgWYvHpFXmIhMpVp_ELLlyOcDFrzwA==
expires: 30

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 140ms
46ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=40445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 May 2022 07:45:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8VB28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 650
date: Sun, 22 May 2022 07:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 09:34:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 148ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8VB28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 07:45:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 121ms
37ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: users.tpg.com.au
URL: http://users.tpg.com.au/jefalast/prqt/naf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: QIFOEDLQp38+czMnl/cS4N/AdTjAQXHm4Yui9sZ8o1pUXEYAhNnqzpCchitaSoPdAv/dfHssXhmJtEr9eZdgbg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 22 May 2022 07:45:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 114ms
39ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: users.tpg.com.au
URL: http://users.tpg.com.au/jefalast/prqt/naf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 7GWPD237BPSY85CW
x-amz-id-2: IhIv4DjZ0NlCpZHZEd1Pk7Lsbjzqw9BRVDqOBizUZ0282c6VhhyLxvKN4IQa11I1JzIJnvAJP5w=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 154ms
60ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: users.tpg.com.au
URL: http://users.tpg.com.au/jefalast/prqt/naf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDDD1B33BFA04FEE90593C401F63A8CE Ref B: FRA31EDGE0613 Ref C: 2022-05-22T07:45:36Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 22 May 2022 07:45:36 GMT
accept-ranges: bytes
content-length: 11333

POST
H2 200 PostPageVisit Show response
www.newamericanfunding.com/umbraco/Surface/Lead/ 455 B
1 KB 340ms
340ms XHR
application/json 35.71.138.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newamericanfunding.com/umbraco/Surface/Lead/PostPageVisit

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.138.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab6bda7645e7272c3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

4d1afecef16c7ca73196667ff2be44e0c9b273cd1be6aed1af28bf7c34da0047

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
x-dtpc: 6$205536468_344h4vTCRPJIVUNHVNUPWRNPVDCPJMCMALCNAW-0e0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
amp-access-control-allow-source-origin: http://74.80.208.44
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
cache-control: private,max-age=0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' www.newamericanfunding.com thebrokernetwork.com www.thebrokernetwork.com qa.thebrokernetwork.com staging.thebrokernetwork.com uat.thebrokernetwork.com; default-src 'unsafe-eval' 'unsafe-inline' data: https:; script-src 'unsafe-eval' 'unsafe-inline' data: https: blob:; style-src 'unsafe-inline' data: https:; img-src data: https: blob:; font-src data: https:; connect-src https: blob:; media-src data: https: blob:; object-src https:; frame-src data: https:; child-src data: https: blob:; form-action https:;
server-timing: dtSInfo;desc="0", dtRpid;desc="1326169648", dtTao;desc="1"
timing-allow-origin: *
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: c8f3d35ded96d5fffc9eb391585fa1a4

GET
H2 200 geo Show response
ipinfo.io/ 226 B
507 B 230ms
148ms XHR
application/json 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/geo?token=e7ad35d83b2fc8

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

ab9d330fef23c628addac5b9306b4d7a15bf84fd1db8588a91523b4547b475b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newamericanfunding.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 5
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4B09 14 KB
6 KB 133ms
45ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.newamericanfunding.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.newamericanfunding.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6039
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 07:45:36 GMT
server-processing-duration-in-ticks: 2397
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 27998.json Show response
s.yimg.com/wi/config/ 2 B
485 B 207ms
133ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/27998.json

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: GZ2NGJ4WFVRZWRFW
x-amz-id-2: rm8HmbJDEXYLZ8J4GdAExl2lQcYt9c4469RoWKWXEl5dQ8w/VBbdgO7MbQitiQmtjibPea6BX5I=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 134ms
44ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17024218-1&cid=1696780638.1653205537&jid=805819058&gjid=281671903&_gid=654172020.1653205537&_u=YGBAgAABAAAAAE~&z=603495430

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newamericanfunding.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 07:45:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.newamericanfunding.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 112ms
37ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1329688089&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&dr=http%3A%2F%2Fusers.tpg.com.au%2F&ul=en-us&de=UTF-8&dt=Lander%20Form%20J&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=805819058&gjid=281671903&cid=1696780638.1653205537&tid=UA-17024218-1&_gid=654172020.1653205537&gtm=2wg5b0P8VB28&z=1422448488

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 00:47:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25081
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET getreviewsgrandtotal
www.newamericanfunding.com/umbraco/surface/socialreview/ 0
0

GET
H/1.1 200
OK dontcall-min.png
s3.amazonaws.com/naf.com/images/icons/ 301 B
657 B 630ms
138ms Image
image/png 54.231.200.208

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/naf.com/images/icons/dontcall-min.png
Requested by: Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/lfj/dagnts/?refinance=23950391&purchase=23950276&phone=8553070924&utm_source=Dagnts&utm_medium=email&utm_content=default&utm_campaign=dagnts_catchall2&utm_term=default&sub_id=357555332&pub_id=42424_12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.200.208 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1db1404602f099c298a2d903d4db91e16fa2ca295599533971383523c6acf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 07:45:38 GMT
Last-Modified: Fri, 01 Nov 2019 00:12:08 GMT
Server: AmazonS3
x-amz-request-id: GZ2PKM7ED43JD82A
ETag: "377cef5f20b790c57fa11e79d8a3bd10"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 301
x-amz-id-2: StuVLBaJODPd5mtVya4dGaJot9HnWrPNxWAReE8q0CHKbx8P1yjb7HDemjs6QixAajU3MqziA+s=

GET
DATA 200
OK truncated
/ 220 B
220 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

Referer
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 woff2.css
use.fortawesome.com/kits/d622b6b8/publications/116527/ 467 KB
350 KB 41ms
40ms Stylesheet
text/css 151.139.128.8
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/kits/d622b6b8/publications/116527/woff2.css
Requested by: Host: use.fortawesome.com
URL: https://use.fortawesome.com/d622b6b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 77fe5ff8fe0d5a18bca77be557dc3bd320ec4b4a66f6a4d3e667f040bd3c91e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 21:23:33 GMT
etag: "fecb3aa4097e3d23eb85e1265e32ea9a"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1653205537.cds276.fr8.hn,1653205537.cds055.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 357606

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
43ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1329688089&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&dr=http%3A%2F%2Fusers.tpg.com.au%2F&ul=en-us&de=UTF-8&dt=Lander%20Form%20J&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2Flfj%2Fdagnts%2F&_u=aGDAAEABAAAAAG~&jid=10506775&gjid=938351361&cid=1696780638.1653205537&tid=UA-17024218-1&_gid=654172020.1653205537&_r=1&gtm=2wg5b0P8VB28&z=2054772360

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newamericanfunding.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newamericanfunding.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 324428834398241 Show response
connect.facebook.net/signals/config/ 221 KB
67 KB 153ms
113ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/324428834398241?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32616067620334a7ffaf7499b6d123aa4dfe40521f1a690d589406a4676f0dee

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 1ZLRQxtybCq9zKAzkI64ocQoxQRCPDDSPup7rNHnRiFpXwPsI8f8f+Fg+mex2UKoY39rIX0Fk6FttnnRCoBazQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 22 May 2022 07:45:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653205537268
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 144ms
60ms Image
image/gif 2a00:1450:4001:800::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17024218-1&cid=1696780638.1653205537&jid=805819058&_u=YGBAgAABAAAAAE~&z=406208854

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 145ms
61ms Image
image/gif 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17024218-1&cid=1696780638.1653205537&jid=805819058&_u=YGBAgAABAAAAAE~&z=406208854

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 132ms
44ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17024218-1&cid=1696780638.1653205537&jid=10506775&gjid=938351361&_gid=654172020.1653205537&_u=aGDAAEABAAAAAG~&z=1256835067

Requested by

Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newamericanfunding.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 07:45:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.newamericanfunding.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/848925655/ 3 KB
1 KB 136ms
53ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848925655/?random=1653205537184&cv=9&fst=1653205537184&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&ref=http%3A%2F%2Fusers.tpg.com.au%2F&tiba=Lander%20Form%20J&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e5ab0563bda79f27dd9e534a42684fe8cfc0fba8ee107cf7fb582e7ea93a9039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1173
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/848925655/ 3 KB
2 KB 133ms
51ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848925655/?random=1653205537187&cv=9&fst=1653205537187&num=1&label=K8Y3CIun6cIBENen5pQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&ref=http%3A%2F%2Fusers.tpg.com.au%2F&tiba=Lander%20Form%20J&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9f4d1ca812315c6cbda73d0f7eacd54451037bd2fb0a21b27e96c3e3e0c1ca0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1223
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13003688.js Show response
bat.bing.com/p/action/ 0
137 B 174ms
173ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13003688.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B71861C04FDC410EA4FE82915D4F2A05 Ref B: FRA31EDGE0613 Ref C: 2022-05-22T07:45:37Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 22 May 2022 07:45:37 GMT

GET
H2 204 0
bat.bing.com/action/ 0
176 B 59ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13003688&Ver=2&mid=8e9f436e-0e93-4438-8bea-5630f321b9a3&sid=2b5b0950d9a311ec88de5db874360f40&vid=2b5b2030d9a311ec9205a5a5f2036a03&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Lander%20Form%20J&p=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&r=http%3A%2F%2Fusers.tpg.com.au%2F&lt=3907&evt=pageLoad&msclkid=N&sv=1&rn=626623

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A96393811C984E7497E10E8545F0D996 Ref B: FRA31EDGE0613 Ref C: 2022-05-22T07:45:37Z
date: Sun, 22 May 2022 07:45:37 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4B09
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=newamericanfunding.com&sn=ChromeSyncframe&so=0&topUrl=www.newamericanfunding.com&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=TlSi3nxpM2kvTmFLZm01eDllVjY1M0N3bTJQZXkxSU9iRFlNWm0zeUJoeXBYU0JsQ2V6R2tJUGxNT2NWbzVPMnozZzlkRndsL0FCdFBEWk9MWkxNKzg4TEtEYlEyYi9IRDBOWmU3TStxK3BVTFVqbnc2dDdXQng3eWl3eE...

452 B
652 B

237ms
51ms

Fetch
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=TlSi3nxpM2kvTmFLZm01eDllVjY1M0N3bTJQZXkxSU9iRFlNWm0zeUJoeXBYU0JsQ2V6R2tJUGxNT2NWbzVPMnozZzlkRndsL0FCdFBEWk9MWkxNKzg4TEtEYlEyYi9IRDBOWmU3TStxK3BVTFVqbnc2dDdXQng3eWl3eEE4MzdQcko3QTQwVklWY29rdnFzREtpeDJRaEFFYllzU3Zha2d0cW5MbWt2c1Q0ak9CNTNmMThiaEswQkZPeGg2QkFiVGZCMkdKNzIzSnF2ZnFjTE5LMG01blJCWUZsR25lNFhQQVRzYStoSVhoa2xkUFVsaDZCN3dVd0dZWC95cXNRN1hTSE44TTRENVAwUnM3TVRBQ2NOL3JWWTdISHd2SzNvd0xsL2luWGVuZUJkVWhIND18&cppv=2

Requested by

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

dc4b69ba7c417a49b29c88eb4b8a3fbae8b158db1b6a2d29235194c9de1c5459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5863
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:36 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=TlSi3nxpM2kvTmFLZm01eDllVjY1M0N3bTJQZXkxSU9iRFlNWm0zeUJoeXBYU0JsQ2V6R2tJUGxNT2NWbzVPMnozZzlkRndsL0FCdFBEWk9MWkxNKzg4TEtEYlEyYi9IRDBOWmU3TStxK3BVTFVqbnc2dDdXQng3eWl3eEE4MzdQcko3QTQwVklWY29rdnFzREtpeDJRaEFFYllzU3Zha2d0cW5MbWt2c1Q0ak9CNTNmMThiaEswQkZPeGg2QkFiVGZCMkdKNzIzSnF2ZnFjTE5LMG01blJCWUZsR25lNFhQQVRzYStoSVhoa2xkUFVsaDZCN3dVd0dZWC95cXNRN1hTSE44TTRENVAwUnM3TVRBQ2NOL3JWWTdISHd2SzNvd0xsL2luWGVuZUJkVWhIND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1324
content-length: 567
expires: 0

GET
H3 200 va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 222 KB
63 KB 78ms
38ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326170&u=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&r=0.4900691118861751
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 31764e4ca364928c614c72e307104e8063e6dce150f99f4c2504a0fc925e6fff

Request headers

Referer: https://www.newamericanfunding.com/
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 07:49:01 GMT
server: gfra1
etag: "628747ed-fb7e"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64382
via: 1.1 google

GET
H3 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 252ms
213ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326170&u=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&r=0.4900691118861751
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: b270ff5dca8e4fa641b4fb1e08683bc5826351cc3f6a3165e2d6134216a20187

Request headers

Referer: https://www.newamericanfunding.com/
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 07:49:01 GMT
server: gfra1
etag: "628747ed-e85"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3717
via: 1.1 google

GET
H3 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 104 KB
27 KB 93ms
54ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326170&u=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&r=0.4900691118861751
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 08cffab1dd52321cd190fa23e37cd1483e8a9e19b366fe0e9436a304ab476798

Request headers

Referer: https://www.newamericanfunding.com/
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:36 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 07:48:57 GMT
server: gfra1
etag: "628747e9-6bca"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27594
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 164ms
125ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=326170&d=newamericanfunding.com&u=DD4BD194B96701498B0B5EA76D1FB771F&h=0c8ef78eea83289967d2dc004fa311b2&t=false&r=0.22742367160704657

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 290ms
64ms Image
image/gif 212.82.100.181

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2022%20May%202022%2007%3A45%3A37%20GMT&n=0&b=Lander%20Form%20J&.yp=27998&f=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&e=http%3A%2F%2Fusers.tpg.com.au%2F&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sun, 22 May 2022 07:45:37 GMT

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b13ff2be03a87b20075888ba3181ba73dfe069bf30c27ed7053f69b06bb7f4b9

Request headers

Referer
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 49 KB
49 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c2519c21832d1db0606a6d8e55508547384c2d80e08b73c7fda09ef82ba4b3c

Request headers

Referer
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b341d6332ab166d26c01bb7cae8dc01ea2d4588940e1443ed10be6d48a199ceb

Request headers

Referer
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16c6f70d1cb810d6fa6bd07f4b2d551ea51bf42f0c1e299f3a17e6f0c5f896d3

Request headers

Referer
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 29 KB
29 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20eb3c2b4f04f00252962a713ebdc92057bc9b77e0da564001aae5af49347c07

Request headers

Referer
Origin: https://www.newamericanfunding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 165ms
61ms Image
image/gif 2a00:1450:4001:800::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17024218-1&cid=1696780638.1653205537&jid=10506775&_u=aGDAAEABAAAAAG~&z=1272324717

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 164ms
63ms Image
image/gif 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17024218-1&cid=1696780638.1653205537&jid=10506775&_u=aGDAAEABAAAAAG~&z=1272324717

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/848925655/ 42 B
64 B 150ms
51ms Image
image/gif 2a00:1450:4001:800::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/848925655/?random=1653205537187&cv=9&fst=1653202800000&num=1&label=K8Y3CIun6cIBENen5pQD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&ref=http%3A%2F%2Fusers.tpg.com.au%2F&tiba=Lander%20Form%20J&async=1&fmt=3&is_vtc=1&random=1924857692&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/848925655/ 42 B
64 B 149ms
51ms Image
image/gif 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/848925655/?random=1653205537187&cv=9&fst=1653202800000&num=1&label=K8Y3CIun6cIBENen5pQD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&ref=http%3A%2F%2Fusers.tpg.com.au%2F&tiba=Lander%20Form%20J&async=1&fmt=3&is_vtc=1&random=1924857692&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/848925655/ 42 B
64 B 148ms
49ms Image
image/gif 2a00:1450:4001:800::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/848925655/?random=1653205537184&cv=9&fst=1653202800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&ref=http%3A%2F%2Fusers.tpg.com.au%2F&tiba=Lander%20Form%20J&async=1&fmt=3&is_vtc=1&random=4048767474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/848925655/ 42 B
64 B 146ms
49ms Image
image/gif 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/848925655/?random=1653205537184&cv=9&fst=1653202800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D8553070924%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12&ref=http%3A%2F%2Fusers.tpg.com.au%2F&tiba=Lander%20Form%20J&async=1&fmt=3&is_vtc=1&random=4048767474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 07:45:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST events
fbcapi.newamericanfunding.com/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 122ms
38ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=324428834398241&ev=PageView&dl=https%3A%2F%2Fwww.newamericanfunding.com%2Flfj%2Fdagnts%2F%3Frefinance%3D23950391%26purchase%3D23950276%26phone%3D_removed_%26utm_source%3DDagnts%26utm_medium%3Demail%26utm_content%3Ddefault%26utm_campaign%3Ddagnts_catchall2%26utm_term%3Ddefault%26sub_id%3D357555332%26pub_id%3D42424_12%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522phone%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=http%3A%2F%2Fusers.tpg.com.au%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1653205537392&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=28&fbp=fb.1.1653205537389.604621829&eid=ob3_plugin-set_27b14296b30b91f7960101088641c8cea9f42a5baebe5087f15d1d4c09d84590&it=1653205537133&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 22 May 2022 07:45:37 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 406ms
406ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/ruxitagentjs_ICA27QVfghjlqrtux_10239220408103229.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newamericanfunding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:45:37 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 07:48:57 GMT
server: gfra1
etag: "628747e9-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.newamericanfunding.com
URL: https://www.newamericanfunding.com/umbraco/surface/socialreview/getreviewsgrandtotal

Domain: fbcapi.newamericanfunding.com
URL: https://fbcapi.newamericanfunding.com/events

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newamericanfunding.com/lfj/dagnts	1969-12-31 23:59:59	Name: localStorageLogger Value: alreadyLogged
www.br2ghatrk.com/	1970-01-20 03:13:29	Name: uniqueClick_76KDZW Value: fb243894-3d90-4f9e-a7f3-50fab5eb254f:1653205533
www.br2ghatrk.com/	1970-01-20 05:23:01	Name: transaction_id Value: 161f17a2159647d8988d76d9d6b44bcb
.trktotal.com/	1969-12-31 23:59:59	Name: st Value: J2DNqS/pFNFf2V9vbHzcrQeJgv/DzMHrTaqSMoxNXTSspZlBZXDxxg==
.trktotal.com/	1970-01-20 20:46:03	Name: tib Value: faVroZp0t6VJCfLQvVVmAweJgv/DzMHrTaqSMoxNXTSspZlBZXDxxg==
.trktotal.com/	1970-01-20 03:56:37	Name: c31595 Value: J2DNqS/pFNHrq9VqzQaeET8vuOxEBPkafIpxb+BLypTXdjOXgGxjSA==
www.newamericanfunding.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: v2vy3zvp25yh4rpi2n00jh0e
www.newamericanfunding.com/	1978-01-11 21:31:40	Name: SessionId Value: 52149da5-eb63-43a4-9450-bc57cc9842ae
.newamericanfunding.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_6_sn_15AE79570CB792480B7A075B01BA0582_perc_100000_ol_0_mul_1_app-3Ab532b35028ac74a8_1_rcs-3Acss_0
.newamericanfunding.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1653205536472L7EUVHETSB6S7QS7G4REG2LPI7120F7S
.newamericanfunding.com/	1969-12-31 23:59:59	Name: dtLatC Value: 963
.newamericanfunding.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.newamericanfunding.com/	1970-01-20 05:23:01	Name: _gcl_au Value: 1.1.847981033.1653205537
.newamericanfunding.com/	1970-01-20 20:44:37	Name: _ga Value: GA1.2.1696780638.1653205537
.newamericanfunding.com/	1970-01-20 03:14:51	Name: _gid Value: GA1.2.654172020.1653205537
.newamericanfunding.com/	1970-01-20 03:13:25	Name: _dc_gtm_UA-17024218-1 Value: 1
.bing.com/	1970-01-20 12:35:01	Name: MUID Value: 0177621BD44D69F5312A73B7D5C668BE
.criteo.com/	1970-01-20 12:35:01	Name: uid Value: c70cdc81-2412-47b5-9ffc-0bc75b81a47d
.newamericanfunding.com/	1970-01-20 03:13:25	Name: _gat_UA-17024218-1 Value: 1
.newamericanfunding.com/	1969-12-31 23:59:59	Name: rxvt Value: 1653207337179\|1653205536474
.newamericanfunding.com/	1969-12-31 23:59:59	Name: dtPC Value: 6$205536468_344h11vTCRPJIVUNHVNUPWRNPVDCPJMCMALCNAW-0e0
.newamericanfunding.com/	1970-01-20 03:14:51	Name: _uetsid Value: 2b5b0950d9a311ec88de5db874360f40
.newamericanfunding.com/	1970-01-20 12:35:01	Name: _uetvid Value: 2b5b2030d9a311ec9205a5a5f2036a03
.newamericanfunding.com/	1970-01-20 12:00:27	Name: _vwo_uuid_v2 Value: DD4BD194B96701498B0B5EA76D1FB771F\|0c8ef78eea83289967d2dc004fa311b2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.newamericanfunding.com
bat.bing.com
cdnjs.cloudflare.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
dynamic.criteo.com
fbcapi.newamericanfunding.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ipinfo.io
mrktrecord12.com
mug.criteo.com
s.yimg.com
s3.amazonaws.com
sp.analytics.yahoo.com
static.criteo.net
stats.g.doubleclick.net
trktotal.com
use.fortawesome.com
users.tpg.com.au
www.br2ghatrk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.newamericanfunding.com
fbcapi.newamericanfunding.com
www.newamericanfunding.com
142.250.184.226
151.139.128.8
178.250.0.157
178.250.2.140
203.26.24.80
212.82.100.181
2600:9000:214f:7e00:12:548e:a040:93a1
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2004
2a00:1450:4001:801::200a
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.117.59.81
34.95.111.143
34.96.102.137
35.169.19.145
35.71.138.75
54.231.200.208
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
08cffab1dd52321cd190fa23e37cd1483e8a9e19b366fe0e9436a304ab476798
095ad0b0018dff572ef0295960325979dd2e86bbb8dbcd34a8c346b515ee7644
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0aaed71320dc122a42a59383acc7b8071ba4aa5c7c47d667773218b38c32b443
0c2519c21832d1db0606a6d8e55508547384c2d80e08b73c7fda09ef82ba4b3c
0d9dbc7fd94c88a27d847152aa1187146cb1a83fa4e97d2b920614770a3702cc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16c6f70d1cb810d6fa6bd07f4b2d551ea51bf42f0c1e299f3a17e6f0c5f896d3
1a5ab0903aa18f8a86d8a30aec33fbcc2ad017950beac1f5a0cf7bac2614617f
1d9519933c9bcca61b26125cc6acb022c41ef1a257b478d1392f8bae76fa3860
20eb3c2b4f04f00252962a713ebdc92057bc9b77e0da564001aae5af49347c07
2e03d3ac16dccd7ddeebbc28b02fd3585ac5f6f41f6eb48db03e6e0fc810c4ef
2f842a4aac122e4676ca976c46add9bdf5f1b634be9a013b121edccd16cc421d
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
31764e4ca364928c614c72e307104e8063e6dce150f99f4c2504a0fc925e6fff
32616067620334a7ffaf7499b6d123aa4dfe40521f1a690d589406a4676f0dee
3a9d536384efa6a5b27e81bf8b7d16e279d9d7da7025bedfdb432dde9fc33be1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a72f9ae943f368a67c4abee3476c1f228b2f50ee07a89e21137aa2f9292c69a
4d1afecef16c7ca73196667ff2be44e0c9b273cd1be6aed1af28bf7c34da0047
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5dc84f561da42bdda2d631a4e42d6cde8cb002ac1b42ebf01aa83a7906d9c7b7
6163d42cd4f6ee6b0ec2649ab91189654d07eef9dbd92e0ba768612f813a21ff
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a2a48868397d51dcb49fb332cc31708377657d01c9ea1918f6f8d16e5c9e6c0
6edffc356433a7d852141810018fe672e8492539f9d11c26986fbb1bc726b7d7
77fe5ff8fe0d5a18bca77be557dc3bd320ec4b4a66f6a4d3e667f040bd3c91e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850f365c97a72f65e02a6070187e1b181ad940a83d01305f8d6ef7995831c466
853132bb72144f1565e59d4b5e504e8a30d62d5bf6c4c448d389999476b77d87
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8b2993427231b689c36ca8ee8f0c0e97d08b3ca55b0e8dcd06d9b5d7a9441feb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9264e3ee3196db4257dff44aa744e2060acf7d963c2395146714604e28795cdc
94274e4fe6c686e5470c69bd3e2bb979fd00818dc046402b7f4e323866777466
9dd379e32b8ecaa0011f2d5e6c1a3303b50b1b046d692ded1192c6485cd82ec2
9f4d1ca812315c6cbda73d0f7eacd54451037bd2fb0a21b27e96c3e3e0c1ca0c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a77db4ac21841c3a09b7536f9e27776b0100ce38c8d689dd813a1cd1f3831138
aa14ba333c2a455f701745e5fb66363dbfa7314bd34ca0c3468e775d0336f625
ab9d330fef23c628addac5b9306b4d7a15bf84fd1db8588a91523b4547b475b2
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ad1db1404602f099c298a2d903d4db91e16fa2ca295599533971383523c6acf9
b13ff2be03a87b20075888ba3181ba73dfe069bf30c27ed7053f69b06bb7f4b9
b270ff5dca8e4fa641b4fb1e08683bc5826351cc3f6a3165e2d6134216a20187
b341d6332ab166d26c01bb7cae8dc01ea2d4588940e1443ed10be6d48a199ceb
b77579a6afee59a8e83f0348ee8123691d314259829a16eea2f0943f6c01e514
d5eeae46c9661fea731fd997c6afffdb6866b54c04d3c0f468ac029a35fffcbe
d709f110bd9f41f30c9942e9d0f77e5b88f731665f1f1d9bcb04d206b5455ccf
dc4b69ba7c417a49b29c88eb4b8a3fbae8b158db1b6a2d29235194c9de1c5459
dc80b239609a20048dfffddbda84c2b7eb107c1d4b9c9245bf20226d2b95e0da
dcb31c4ac1ffbf43d3f036c39f64e614b9e623a205b40e7ddb3ec6b9cf663694
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ab0563bda79f27dd9e534a42684fe8cfc0fba8ee107cf7fb582e7ea93a9039
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea51c1db95d9a533fc4eea0588b21175d83d3867ee72a71402c9866905012036
eabdc61feb8193557f03ac137a8d39f71a55974d1e622f88bde68a715b2070ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c235d0dbd612ddf050450be7a4ed02353c3b043edb420abd679656ad49fd03
fb178d0a551b045b17f8876b0cedaa4cedfd253c4de00150469b776666226d45
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

www.newamericanfunding.com Open in urlscan Pro 35.71.138.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

95 %HTTPS

59 %IPv6

25 Domains

31 Subdomains

28 IPs

6 Countries

1313 kBTransfer

2826 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newamericanfunding.com Open in urlscan Pro
35.71.138.75 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

31
Subdomains

28
IPs

6
Countries

1313 kB
Transfer

2826 kB
Size

24
Cookies

73 HTTP transactions
6 data transactions