urlscan.io logo urlscan.io
SecurityTrails logo

analyze.nw-click.com Open in urlscan Pro
2600:9000:20ed:2c00:c:d509:13c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html#qs=r-aekggadhhhjbckiafgjgghhacccgbjgeafejgbabababaedadgbacc...
Effective URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditio...
Submission: On November 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 22 domains to perform 88 HTTP transactions. The main IP is 2600:9000:20ed:2c00:c:d509:13c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is analyze.nw-click.com. The Cisco Umbrella rank of the primary domain is 954485.
TLS certificate: Issued by Amazon on August 25th 2022. Valid for: a year.
This is the only time analyze.nw-click.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.219.109.49 16509 (AMAZON-02)
1 1 14.192.51.91 135542 (LIGHTCLOU...)
1 1 34.224.181.209 14618 (AMAZON-AES)
1 1 18.210.69.85 14618 (AMAZON-AES)
1 1 34.204.122.224 14618 (AMAZON-AES)
16 2600:9000:20e... 16509 (AMAZON-02)
9 104.18.14.6 13335 (CLOUDFLAR...)
6 23.22.5.68 14618 (AMAZON-AES)
1 6 52.71.143.120 14618 (AMAZON-AES)
2 2600:9000:20e... 16509 (AMAZON-02)
6 13.224.207.4 16509 (AMAZON-02)
1 13.224.208.198 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.86.93.38 14618 (AMAZON-AES)
5 2600:1f18:24e... 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 52.36.82.178 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 13.224.214.97 16509 (AMAZON-02)
12 23.36.1.40 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 13.224.214.90 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
88 22
1    52.219.109.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com
s3.us-east-2.amazonaws.com
1    14.192.51.91 (Central, Hong Kong)

ASN135542 (LIGHTCLOUD-AS-AP LIGHT CLOUD TECHNOLOGY, MY)
PTR: buscadorcito.com
communisearch.duckdns.org
1    34.224.181.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-181-209.compute-1.amazonaws.com
ddggpro.com
1    18.210.69.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-69-85.compute-1.amazonaws.com
speedtrkzone.com
1    34.204.122.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-122-224.compute-1.amazonaws.com
tracking.plpro.co
16    2600:9000:20ed:2c00:c:d509:13c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
analyze.nw-click.com
9    104.18.14.6 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
www.nerdwallet.com
6    23.22.5.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-5-68.compute-1.amazonaws.com
leadid.onthebarrelhead.com
6    52.71.143.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-143-120.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:20ed:5800:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
6    13.224.207.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-207-4.phl50.r.cloudfront.net
cdn.segment.com
1    13.224.208.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-198.phl50.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
4    2606:4700:20::ac43:4aaa (United States)

ASN13335 (CLOUDFLARENET, US)
api.onthebarrelhead.com
1    52.86.93.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-93-38.compute-1.amazonaws.com
deviceid.trueleadid.com
5    2600:1f18:24e6:b901:6790:af1:bf99:3f63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
2    2607:f8b0:4006:81e::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4006:81f::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    52.36.82.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-82-178.us-west-2.compute.amazonaws.com
api.segment.io
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    13.224.214.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-97.phl50.r.cloudfront.net
static.hotjar.com
vars.hotjar.com
12    23.36.1.40 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-1-40.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.224.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-90.phl50.r.cloudfront.net
script.hotjar.com
1    2607:f8b0:4006:822::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
16 nw-click.com
analyze.nw-click.com — Cisco Umbrella Rank: 954485
1 MB
12 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 804
88 KB
10 onthebarrelhead.com
leadid.onthebarrelhead.com — Cisco Umbrella Rank: 596265
api.onthebarrelhead.com — Cisco Umbrella Rank: 705455
8 KB
9 nerdwallet.com
www.nerdwallet.com — Cisco Umbrella Rank: 34819
56 KB
8 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25584
cdn.trustedform.com — Cisco Umbrella Rank: 28740
42 KB
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1331
42 KB
5 browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2902
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 364
184 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
132 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 625
script.hotjar.com — Cisco Umbrella Rank: 763
vars.hotjar.com — Cisco Umbrella Rank: 824
71 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
12 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
203 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
142 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
351 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 950
178 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 15757
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 plpro.co
tracking.plpro.co
2 KB
1 speedtrkzone.com
speedtrkzone.com
940 B
1 ddggpro.com
ddggpro.com
379 B
1 duckdns.org
communisearch.duckdns.org
446 B
1 amazonaws.com
s3.us-east-2.amazonaws.com
469 B
88 22
Domain Requested by
16 analyze.nw-click.com s3.us-east-2.amazonaws.com
analyze.nw-click.com
cdn.trustedform.com
12 analytics.tiktok.com s3.us-east-2.amazonaws.com
analytics.tiktok.com
9 www.nerdwallet.com analyze.nw-click.com
cdn.trustedform.com
6 cdn.segment.com s3.us-east-2.amazonaws.com
analyze.nw-click.com
cdn.segment.com
6 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
6 leadid.onthebarrelhead.com analyze.nw-click.com
deviceid.trueleadid.com
5 rum.browser-intake-datadoghq.com analyze.nw-click.com
4 maps.googleapis.com analyze.nw-click.com
maps.googleapis.com
4 api.onthebarrelhead.com analyze.nw-click.com
3 connect.facebook.net s3.us-east-2.amazonaws.com
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 www.facebook.com
2 www.googletagmanager.com analyze.nw-click.com
www.googletagmanager.com
2 cdn.trustedform.com analyze.nw-click.com
api.trustedform.com
1 vars.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 api.segment.io analyze.nw-click.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net analyze.nw-click.com
1 tracking.plpro.co 1 redirects
1 speedtrkzone.com 1 redirects
1 ddggpro.com 1 redirects
1 communisearch.duckdns.org 1 redirects
1 s3.us-east-2.amazonaws.com
88 26
Subject Issuer Validity Valid
*.s3.us-east-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-31		 a year crt.sh
*.analyze.nw-click.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-07		 a year crt.sh
leadid.onthebarrelhead.com
R3		 2022-11-14 -
2023-02-12		 3 months crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
onthebarrelhead.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2022-11-22		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Frame ID: D650F27EA8708A0A51B4288351D71197
Requests: 77 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 3ECC7DC4CE53536F5DD0B78590F88F79
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: D72F23E95351A0F2598BDE3825CB419B
Requests: 2 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 2D6B75B265DB1778B23E57B3F199DC88
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/snapshot
Frame ID: 0AD4D4D3009C3586F8837121E048A294
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: DCE02FF1817635927D6C390134C9015F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NerdWallet: Make all the right money movesNerdWalletNerdWallet

Page URL History Show full URLs

  1. https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html Page URL
  2. http://communisearch.duckdns.org/qs=r-aekggadhhhjbckiafgjgghhacccgbjgeafejgbabababaedadgbaccadbkjadfkcacdjfeeacb HTTP 302
    http://ddggpro.com/?E=0S73g7xSqd2k%2buCrnmQgZsAYk4WQEn7kDbfaF54T%2fx8%3d&s1=43850_11150853_11_2... HTTP 302
    https://speedtrkzone.com/?E=0S73g7xSqd2k%2buCrnmQgZsAYk4WQEn7kDbfaF54T%2fx8%3d&s1=43850_11150853_11_2... HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42626&aff_sub2=43850_11150853_11_2491_... HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=Ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

88
Requests

98 %
HTTPS

40 %
IPv6

22
Domains

26
Subdomains

22
IPs

3
Countries

1983 kB
Transfer

7244 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html Page URL
  2. http://communisearch.duckdns.org/qs=r-aekggadhhhjbckiafgjgghhacccgbjgeafejgbabababaedadgbaccadbkjadfkcacdjfeeacb HTTP 302
    http://ddggpro.com/?E=0S73g7xSqd2k%2buCrnmQgZsAYk4WQEn7kDbfaF54T%2fx8%3d&s1=43850_11150853_11_2491_32&s2=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&s3=32 HTTP 302
    https://speedtrkzone.com/?E=0S73g7xSqd2k%2buCrnmQgZsAYk4WQEn7kDbfaF54T%2fx8%3d&s1=43850_11150853_11_2491_32&s2=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&s3=32&ckmguid=28d43762-fd1d-4179-b303-672571f1dccf HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42626&aff_sub2=43850_11150853_11_2491_32&aff_sub3=388527089&aff_sub4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&aff_sub5=32 HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
neldtontesmaphe.html
s3.us-east-2.amazonaws.com/neldtontesmaphe/ 		113 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.109.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
113
Content-Type
text/html
Date
Mon, 14 Nov 2022 19:22:36 GMT
ETag
"0c960fc16b0f14a21e3b3ffb1e836058"
Last-Modified
Sun, 13 Nov 2022 16:57:22 GMT
Server
AmazonS3
x-amz-id-2
I4dl1t6QD0Ip9DTpjoxLJOzxNnfw3fEprAKIy31NswniD5HWGo8iaF5/ClHVlHr9F4qE4f0xpFA=
x-amz-request-id
2Y8KRD28W9GP16PB
Primary Request personal-loan
analyze.nw-click.com/
Redirect Chain
  • http://communisearch.duckdns.org/qs=r-aekggadhhhjbckiafgjgghhacccgbjgeafejgbabababaedadgbaccadbkjadfkcacdjfeeacb
  • http://ddggpro.com/?E=0S73g7xSqd2k%2buCrnmQgZsAYk4WQEn7kDbfaF54T%2fx8%3d&s1=43850_11150853_11_2491_32&s2=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&s3=32
  • https://speedtrkzone.com/?E=0S73g7xSqd2k%2buCrnmQgZsAYk4WQEn7kDbfaF54T%2fx8%3d&s1=43850_11150853_11_2491_32&s2=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&s3=32&ckmguid=28d43762-f...
  • http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42626&aff_sub2=43850_11150853_11_2491_32&aff_sub3=388527089&aff_sub4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&aff...
  • https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId...
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9b7fe37d238a70a7420a3ef743fd7cb77674cc55ad3730a485052a828c59448

Request headers

Referer
https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html#qs=r-aekggadhhhjbckiafgjgghhacccgbjgeafejgbabababaedadgbaccadbkjadfkcacdjfeeacb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 14 Nov 2022 19:22:37 GMT
etag
W/"7e8a9157bc0b8043f157f4799c7b7dba"
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
x-amz-cf-id
y-vAYphJDaAMt7cz1dAI_WC14ZfqAo1LCWj1TghBP2QayU7HYpiLmg==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
655
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 14 Nov 2022 19:22:36 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102a47773c6c6ef0fe470919d58f38
X-Request-Id
297cbcb539de56660919d99bc5aa5761
X-Robots-Tag
noindex, nofollow
Gotham-Medium--critical.ee5c613487.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Medium--critical.ee5c613487.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:36 GMT
x-amz-version-id
WGxNQy8mBtoftWr2HdFv7vIcvFCp7NaI
cf-cache-status
HIT
x-amz-request-id
TWWY8MYMQNP19K22
age
9664260
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9436
x-amz-id-2
ogYbiruFQ1uV4M9UwthZGwdK6NE+beUSZHUtUUiQMp9YJOym0yX2sM0iHIh8nylCeEhfR+hRKXU=
last-modified
Mon, 22 Mar 2021 20:57:27 GMT
server
cloudflare
etag
"ee5c6134876f0895658e48bb0bda8971"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
76a21dec792932f0-EWR
x-nerd
Edge
Gotham-Book--critical.fdbad282be.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Book--critical.fdbad282be.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:36 GMT
x-amz-version-id
YqixNq.3i6.6M4vrHwt_2_NRU9maJc4k
cf-cache-status
HIT
x-amz-request-id
TWWMW96KX5ABW67H
age
9664260
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9492
x-amz-id-2
q/z8alRtAzw+Hnza5cWRhxhmTGKwNJX9QW7eNX9b55pqc1h0aBkgurFQDlxNbQ3uRfh1CshlvOA=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"fdbad282bee3da1c38146487b9c2f412"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
76a21dec792b32f0-EWR
x-nerd
Edge
Gotham-Bold--critical.dcf83fb890.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Bold--critical.dcf83fb890.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:36 GMT
x-amz-version-id
csXDMdMerAERSVKnyZV8Lz_tNycn6X8X
cf-cache-status
HIT
x-amz-request-id
TWWJN8P6EGTD7WQH
age
9664260
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9112
x-amz-id-2
SyTqDnqoRok18c1vxXgMsF/74Xvsyz+GS2KnwvoU0zc8BwOC7+qU2wq2TgM4Hrx1JNc8+YJF0Sg=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"dcf83fb8902adcc5fd75fdf6da548573"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
76a21dec792d32f0-EWR
x-nerd
Edge
ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
www.nerdwallet.com/cdn/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:36 GMT
x-amz-version-id
hxLS9BBjDUYsoPEtm4oIowkdM_ODkcgf
cf-cache-status
HIT
x-amz-request-id
TWWHR2T5B6F3HZRJ
age
9664260
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11012
x-amz-id-2
OCiuF5QrGVbIVNyePetETccvoGPvuYSdqc73bF4FQzwvbeDgSCQsmHPGjxll58tIOKoLr7wEqz8=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"2c31edcaf37bc7ca0ca1103d29b5f5f1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
76a21dec793032f0-EWR
x-nerd
Edge
ChronicleDisplay-Roman--critical.835fdb1566.woff2
www.nerdwallet.com/cdn/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Roman--critical.835fdb1566.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:36 GMT
x-amz-version-id
TByrbO0kqrqPKmq32uLn3LcxEk8692TL
cf-cache-status
HIT
x-amz-request-id
TWWJ7WEJPHAS5R80
age
9664260
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10240
x-amz-id-2
5sg+LN78+Eiq8mprtKY7VdaHLsgOogCgs1oMiZsimR5mhKfsXFeqZF6rbifAMSnOcgXiLkzlIE0=
last-modified
Mon, 22 Mar 2021 20:57:28 GMT
server
cloudflare
etag
"835fdb1566f032e3c41742af1a1ebc3c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
76a21dec793132f0-EWR
x-nerd
Edge
nerdwallet.ad5d5308.css
analyze.nw-click.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.ad5d5308.css
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7da9f674b731fd8f94b81f211bbc652be9e4635f4c5f91d9dbe6312a1f97dd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
etag
W/"4259076606db0f005664610eae4992aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
h5wP4G5rALjCQBF7dJ72YbHY8qdlWrBqCkgonIDsrTsCkrvOzCWYXw==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:36 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Fri, 11 Nov 2022 01:48:51 GMT
server
cloudflare
etag
"636daa03-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76a21dec8f391760-EWR
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
nerdwallet.5172c221.js
analyze.nw-click.com/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.5172c221.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6984cff50e70f2ae4235a0ff5df823b3ad473fe89129d910a210bde7509b4a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
etag
W/"f1eb922602e4a662f51eb7f5a361f3e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
uoPXh9XC2w80HFmu0EeFCZCHNwh4cGPOKV3pm-pYYOFK-G3u6BwfgA==
GenerateToken
leadid.onthebarrelhead.com/2.11.9/ 		36 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/GenerateToken?msn=1&pid=2bca0ad5-e03e-4466-b02f-8a4b84294aef&_=762854091
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
b01ed2315bcad25c0e9dc4b98c0432852ff5cfa2135ccbce168da152850626ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Nov 2022 19:22:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
75
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
H2
Server
2600:9000:20ed:5800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b38ca12e230a61d08701d7fe2da4b7ec41b510d6af7712cc41b34e8b971de8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
x-amz-version-id
zf4ijuzvSsU0Tal.ZZJLDHqE7VqwjEi9
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 17:48:28 GMT
server
AmazonS3
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
etag
W/"647d5353b63df3b4ed201da87c98cc2d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
3rf7hV8khFhtx_LxgDHW6pH2ABbWwTRVVZEOn2Rf8iGUlAC2PW_xMg==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false
date
Mon, 14 Nov 2022 19:22:37 GMT
server
awselb/2.0
content-length
134
content-type
text/html
analytics.min.js
cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4c1b1d717b95f71df6aee145bd0bcf9d5783c2437af39325ff4e6f8fb817670

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
QcLVjOy6VnK2U8L0J8JDv1Pd8Yl5cWKa
content-encoding
br
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 19:22:06 GMT
x-amz-cf-pop
PHL50-C1
age
97
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Oct 2022 19:49:52 GMT
server
AmazonS3
etag
W/"220f4c88786a54007569c509167e843b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
aMZggHd08Unmipfdh4F831e84xzi_jMQYRJG_FWIwu6N0_xEmFsKaA==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 3ECC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-198.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
40904
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 14 Nov 2022 08:00:53 GMT
ETag
W/"63472048-dbb"
Last-Modified
Wed, 12 Oct 2022 20:15:04 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
X-Amz-Cf-Id
IN3Ou-qOLxOpHHV__hOFrVf0qiXLGxd4bD4prNUnRQ7lWyyzxd2Ldw==
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Hit from cloudfront
SaveDom
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDom?msn=2&pid=2bca0ad5-e03e-4466-b02f-8a4b84294aef&token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&_=762854092
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Nov 2022 19:22:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
session
api.onthebarrelhead.com/api/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d3434b584549ccbfde484225ccf848d7d456c73395fe12671a07f1833f69a8

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovzuotlTtgGyqIs%2BKA%2FMtso%2BYtsl4BS%2F8LAORR9%2FdQg1s3EzlviWN7WDL0piyoz7l0Moy1cSkWekvbn2e6%2BE707zA4lH%2BexZDqRbdxEk%2Be4Hl9EjFqShsvyZbAD6B9mc94KntCzCgkaTG%2B0oJ3Mq6MqZPumG"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
76a21df0c900186d-EWR
session
api.onthebarrelhead.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76a21df0887b186d-EWR
date
Mon, 14 Nov 2022 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixhJLGmoIRjr4IiNU45R9gNjLbV%2B9HV1zx2aP1NUNQkRGVhKU6SZvcyiA2dlc3AIopeG%2FaZjTdNeiERiP0wVdFxuWCNw6XV1l9pGStZ0Vz3NbeuxgWrYEmc8Y1fyUTozS%2BXNJQvdmQikT4EWynIDfWDT0hov"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a69414b8-64f2-4c4e-8311-a506e451ede9
https://analyze.nw-click.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://analyze.nw-click.com/a69414b8-64f2-4c4e-8311-a506e451ede9
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
25754
settings
cdn.segment.com/v1/projects/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/settings
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ac5c8700425310ef8e5dd04cc42515831c0893f0137255bdf49c4f29782ab8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
quEYcqPjz5HZqgT5dGoscvRxRKMvGSqg
content-encoding
br
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 16:49:48 GMT
x-amz-cf-pop
PHL50-C1
age
9248
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 31 Oct 2022 17:39:29 GMT
server
AmazonS3
etag
W/"9a905a3d64738bd0c4b6f88f651f4fbb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
8rnPWNfUaxfQxFhCz7Y44HLW765J0-9Q2bTSIC-Q2cmn4ieSkkFWdQ==
iframe.html
deviceid.trueleadid.com/ Frame D72F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.93.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-93-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Mon, 14 Nov 2022 19:22:37 GMT
etag
W/"632c7ff9-1049"
expires
Tue, 15 Nov 2022 19:22:37 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
ajs-destination.bundle.69f445038fee7a77bb89.js
cdn.segment.com/analytics-next/bundles/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.69f445038fee7a77bb89.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:37:44 GMT
x-amz-version-id
VEXb3ALUrfGxSh3NC1VHYwYSJtI9Uquz
content-encoding
br
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
477894
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Nov 2022 20:34:54 GMT
server
AmazonS3
etag
W/"a92b4438941110932485ba4d769e9fcf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
1FzB-BI3zBDwpHHdmcQLQ8TmAK1FTjcvIjOcTSNmeXtKQE-R2RVk6g==
SaveDeviceId.js
leadid.onthebarrelhead.com/2.11.9/ Frame D72F 		0
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDeviceId.js?lac=22813350-8774-3000-19AC-FC31C47988BB&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&methods=48&token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&uuid=1fdf3aba14aa4b928c56f6c1fa6020d2
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 19:22:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=241cc381-e2b0-43d5-b652-8ba4ca3dcf82&batch_time=1668453757600
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 06:36:04 GMT
x-amz-version-id
XGkYvibAxfQWna3zU6586lgsc0JSa2z0
content-encoding
gzip
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
1687594
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 25 Oct 2022 21:38:08 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
Qnxpo7WPtL5lRaNklw4HOaDZSTJh6RpBb4BzkNmrl6clOtTcmA4SLQ==
ed984d68b220640a83ac.js
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ed984d68b220640a83ac.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64445cdba1784cfe6dc6664a9d3ecde1d38565d04e349c6880db5f906bbd3aca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ezoM5m0K7bvFDT3vhFqu5Oz2y3a.hU7Y
content-encoding
gzip
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 10:36:21 GMT
x-amz-cf-pop
PHL50-C1
age
83025
x-cache
Hit from cloudfront
last-modified
Thu, 27 Oct 2022 22:49:52 GMT
server
AmazonS3
etag
W/"93735322fe38b377fdda31af7a1e04d0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
WeVQeaVSi8zHMM-eQaKJ27EBYWueok7xiQFTQbutX_2KlkfTLkpQ9w==
688.js
cdn.segment.com/next-integrations/actions/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/688.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ed984d68b220640a83ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f63019de0e822b458883425231102caffd2264c09769a6e84e7a5264b41163a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
C1PVSL7XhnBKu.dHuu6nhSVC0dY1.k1s
content-encoding
br
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 07:10:37 GMT
x-amz-cf-pop
PHL50-C1
age
43921
x-cache
Hit from cloudfront
last-modified
Thu, 27 Oct 2022 22:49:51 GMT
server
AmazonS3
etag
W/"76e7b0ae7fedc42778084c894ea9d0dc"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
6KOceS1q6EZYccnSpRsNA7DWacKW_OU4tfzRV-KC2BgRev2DzDMpkA==
certs
api.trustedform.com/ Frame 2D6B 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-143-120.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
853e34ec7ce0e41c4ca5b514a4c2b534e52bf39bf42f2e0eaa28178b4206801b

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
gtm.js
www.googletagmanager.com/ 		217 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5407429c1de116021bd47a460a228cd4bd0e7662e202aa94052d9ba4e94195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75387
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 19:22:37 GMT
js
maps.googleapis.com/maps/api/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
970f8def9185a05f5cbe09849ce7c5b3578f7ace77ce02b5be29e23e17a592b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=20
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55545
x-xss-protection
0
expires
Mon, 14 Nov 2022 19:52:37 GMT
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
EO1UzlxH6iSMlJCnUzwfX2bHf3jwZr451YgVzBWbWPMcP-tcmfAjvw==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
_P95HwuLf2ydVLy-iVsNVPaQFe3EYFgi-ydSvx6dR5L75M-6yqrU0w==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
vZrrHPBhqV9fv1GI3hHKfiOl_jBD00fzHLVO-J2A3QoBzFHnwD_PWA==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
PugSwAOZF0U7ygm9zcyuL3eA3iynao4LgPdMFiZK2EcV4OJsw0Qo1A==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
u8DcqSDzdg34hcoH_AVK5Q4nKFe9u7xh3bsLQDVu90Fx_MD37RbGBQ==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
G3PZ8vXfj-6x5-rqFGejyJ48I7JhLufY06Pup8K9WrVgBFy2lwRy7w==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
uP7yO1f74fhEAHbSvdgrB2RbItrojt-BM63O71tvrAf57T6IauhoIg==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
UWrgq9ZnRpttRh46lhykAUtlLnU8-RHYHXRDAylfBxF2ym5lCHyoOg==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
9DK1VCHMQhOdHEbjr-tm6m1gQq49DbIS8hNvha1qCV-QI2BD63QXdA==
trustedform-1.8.30.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.30.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684537570690.7826284065790969&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cdacbf051630f7d0e1f669c81e43a897165a3f7909adb2ec5b73ab0d8fa8863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
C4KqA2Ml8NtIH1tcFWoBNv3GWDN3hi8K
content-encoding
gzip
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 19:22:29 GMT
last-modified
Mon, 24 Oct 2022 17:48:28 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
20
etag
W/"a5b5dad6197e972a745a719bfccfb334"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tD198UDxTRG1eEhPOW6fx0anR9Qz5DqM3u4d5KV-Td1qCT3dCmT6Ig==
supergraph
www.nerdwallet.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/supergraph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-caller-client-id,x-client-platform
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-caller-client-id,x-client-platform
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76a21df24c3f32f0-EWR
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
date
Mon, 14 Nov 2022 19:22:37 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers, Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nerd
Edge
x-xss-protection
1; mode=block;
events
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76a21df24c01186d-EWR
date
Mon, 14 Nov 2022 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icnyQXOvb9xXCgVfFFr7TWOk%2BpSyGT8EJujHxJSwGWSzPRiaLgwGyvNXvjAcwpDqDzpgsptHOJHFSPxYZ5NR055hN7xC7QS52UHXEjMrZmm%2FiJQMUceiONn%2FxAVNeer3%2Bl%2B7aIAM83jY%2FeDLIZlw42jHToMB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
supergraph
www.nerdwallet.com/api/ 		90 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/supergraph
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a709f64c0ad4ed779c79dc322da24427b9f84153535d642b027395b01be8c7a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept
*/*
Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
x-caller-client-id
analyze
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-client-platform
web
content-type
application/json

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
server
cloudflare
etag
W/"5a-HjoFZyoNa7LnW/3egUQEkuk7BQs"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
76a21df2bc6417bd-EWR
x-nerd
Edge
events
api.onthebarrelhead.com/api/v1/session/ 		150 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7d6aaefba6e2265f62e8a55f731125712d7660a7d36976536ce31fc7e1fb68

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyOGViMDk1OTBhZmM0ZjU0YmQ2YmU0ZTlkZmYxMmNmMSIsImlhdCI6MTY2ODQ1Mzc1NywiZXhwIjoxNjY4NTQwMTU3LCJ2IjoiMiIsInN1YiI6NzA2OTY4MTB9.9bjfkTRkvejN5OSly1CAjx2b1k_uXMJz59HNdvvPDyM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZaNqHOB8wmR3vtlRZ3w5rV5pE51T4duCeJyhODxDQxxGDfYArcX72mXMuehFMIkc0%2F6dQfysF1EHjkQdhVpM6ZYWotZ50zkioUEL%2FEMu%2Bq3dec3NgDkD%2B4Xzrvmt1plclXLB2Ga2sBQ4SnGpzDTn6PVSWda"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
76a21df28c6a186d-EWR
content-length
150
p
api.segment.io/v1/ 		21 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.82.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-82-178.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://analyze.nw-click.com
date
Mon, 14 Nov 2022 19:22:38 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 14 Nov 2022 19:22:37 GMT
last-modified
Wed, 09 Nov 2022 21:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3B6A907955EC4D2FB4E1CC0ABFA929C5 Ref B: EWR30EDGE1020 Ref C: 2022-11-14T19:22:37Z
etag
"077538f81f4d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11421
hotjar-542041.js
static.hotjar.com/c/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-542041.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-97.phl50.r.cloudfront.net
Software
/
Resource Hash
755759b3fedae83ecf172e4da44bdc2717f7665a4ed6846ef5704ed8c18216e4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
56
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/779b5a7612224c4b2a21e3132f08e2e9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
YAtg9FvxrIu2rZasA4Gh6UT0Z__pvzZw4yNEGKdXGL4Zs-Le_lVUZQ==
events.js
analytics.tiktok.com/i18n/pixel/ 		177 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
578b1029e5781ed6c5c9643906b0782f7d5d89b1daa04348e8ed9fdcce59cfa3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id
48478060.2b1baea3
date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
39,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=27, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
2022111419223786887D790673227BDDD6
x-cache-remote
TCP_MISS from a23-220-105-76.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
27,23.220.105.76
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa6928b138204e5b34da8afc0f008a9a6d936a1fe07b5b10dd1579cf344589b4100d8de17416089e9f0ead93a61ba558f0bd6be4a60220a1fd18c07cc35a63e2ff
expires
Mon, 14 Nov 2022 19:22:37 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7699812bcf70eb59f8e88ce83641872689ae7d5d83ca13f94fd528a52d352da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Nov 2022 19:22:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/neldtontesmaphe/neldtontesmaphe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 19:22:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
A0oQxWB+el8EmjbsoMFpftrqQOiycok+e1taGaaB3NGY2J6pXoyKkzqe/twXObbwqxj5Y1eCR283wx6At7hgtw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
snapshot
api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/ Frame 0AD4 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-143-120.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Nov 2022 19:22:37 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
XZ88_xN49-hM5J_LjONdHCDvSHUPyhXt9kWI787RJ1m8hb4JGgve5w==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
0K9c-sNDpRtmJSdLstjQBnJEQpKF2h-ANVzSWVHTb0Cu-EpbGvAMXw==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
aEKBaHOO6pu24fmkDbD5JZVjDyIUCMeAMXbMpiXgY7q0D0wYYnYwLw==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42626&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42626&subId2=43850_11150853_11_2491_32&subId3=388527089&subId4=beipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv&subId5=32&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102a47773c6c6ef0fe470919d58f38&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:55:39 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
7oirDreGMn9iFjhJWnpc3ceiCMj3VV5vGd3075G3SMVjLz7DYhq38g==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.14.6 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:22:38 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Fri, 11 Nov 2022 01:48:51 GMT
server
cloudflare
etag
"636daa03-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76a21df34f509e17-EWR
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprints
api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/ Frame 0AD4 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-143-120.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Nov 2022 19:22:37 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=e12a5240-04ea-4f6b-add3-9b181f627eb5&batch_time=1668453757967
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
text/javascript
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 19:22:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Ln03etuwulQ0dyswQAW2ar827aTrRVeGYvjSxh2DXhHgGZ2+cKKP6Qf7hpgcz8EEQdbvE8kpFWWS1k658egGIQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
145605262667436
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/145605262667436?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b99f916505ac1faff49375dc42e2b2f230ed8cd8f743ffe9509ce1635fef4dc7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 19:22:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86184
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
iVnQ4igctQbIuOhAUttvCOmYBFdxbWayQ6F/DyJmOnfSmYYj5rvWd6R4Z8uQj6vXf7lLrWmozmj67GhlFH7esA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.b738078c6419b4df4360.js
script.hotjar.com/ 		262 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b738078c6419b4df4360.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
67cb1288960184f65c3874803c2ba1506ef85a9f4d81a35e9342b581dc10f598
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 12:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
284912
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68482
last-modified
Fri, 11 Nov 2022 12:13:35 GMT
etag
"8f0c4297c2d458710337dddf28967bf3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
SF9NUFQXUrk73vEFDD3iOCpO1WVry25NDxxUIM18TSKbbDSuh_dfUA==
collect
www.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X4363VV9ZN&gtm=2oeb90&_p=1140891404&cid=1137576288.1668453758&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668453758&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42626%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42626%26subId2%3D43850_11150853_11_2491_32%26subId3%3D388527089%26subId4%3DbeipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv%26subId5%3D32%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102a47773c6c6ef0fe470919d58f38%26hoOfferId%3D99&dt=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 19:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyze.nw-click.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5715165.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5715165.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 14 Nov 2022 19:22:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6B7443B22EFD4B7A8BE71DD1812BC08B Ref B: EWR30EDGE1020 Ref C: 2022-11-14T19:22:38Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=48ce209d-a1f4-4d45-a50a-3789b5e819b3&sid=b337fa90645111ed8e2ffda09f836de9&vid=b3385420645111ed94a22398fa4c82c1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42626%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42626%26subId2%3D43850_11150853_11_2491_32%26subId3%3D388527089%26subId4%3DbeipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv%26subId5%3D32%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102a47773c6c6ef0fe470919d58f38%26hoOfferId%3D99&r=&lt=2148&evt=pageLoad&sv=1&rn=36625
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 19:22:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C738813CC3864643ABE81A1563FEC78B Ref B: EWR30EDGE1020 Ref C: 2022-11-14T19:22:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id
ca30326.2b1baf67
date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
16,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=10, origin; dur=6, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20221114192238DF596763AC600B8E389B
x-cache-remote
TCP_MISS from a23-220-105-88.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.220.105.88
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa6d930bba1b31698d02807a879b2062bc17b88c109c9b85b6e8d41b7ce7956b4647aec52fa552b5c437da9e3adf84fcaf2b6ee0ad041e08e90196997d293568c7
expires
Mon, 14 Nov 2022 19:22:38 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
688 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
ca304ca.2b1bafbc
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
322,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=314, inner; dur=305
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202211141922385F534BBCBB2EEF7EFA1E
x-cache-remote
TCP_MISS from a23-220-105-88.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
314,23.220.105.88
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa6d930bba1b31698d02807a879b2062bc17b88c109c9b85b6e8d41b7ce7956b46e43c02c80fc714d24d7d4d14f2f43b6c06bc26da2ad333060aa2340ade132234
expires
Mon, 14 Nov 2022 19:22:38 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
682 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f025995.2b1bafbd
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
32,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=29, origin; dur=8, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022111419223859319F46A9E3B57BCE09
x-cache-remote
TCP_MISS from a23-220-105-89.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.220.105.89
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baadcdf15259b7ef64dbef1107bca2c27d08e58c0a265dba77ca3ba9d6d16d8046bbc2538f0d3d844a3dac250dbdce3e969536fe22eebb9ecb08349b8f20079c907
expires
Mon, 14 Nov 2022 19:22:38 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6aacdfce.2b1bafbe
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
28,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=17, origin; dur=16, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221114192238CA2AE198D58EAC89169B
x-cache-remote
TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.220.105.68
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa4e060c83bbc26bcd935d5657a38bc4c9e42474cc17169f699a42d698ff3e485a85aea649a96f0a6837f11c67d77014b7a4af6ab5d527a806f698b84b8406ad13
expires
Mon, 14 Nov 2022 19:22:38 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4847898f.2b1bafd0
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
41,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=30, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221114192238BBAA738D6301FF83388B
x-cache-remote
TCP_MISS from a23-220-105-76.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
30,23.220.105.76
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa6928b138204e5b34da8afc0f008a9a6d75edd4c7bc2e2ebe2daf85d12fccff29049a0a112791e8e46dd41adbf24c28b3d26cd3c1572828ef978c1753b6df75a3
expires
Mon, 14 Nov 2022 19:22:38 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		860 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9682D3C77U9N0P9530G&hostname=analyze.nw-click.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e6f74b7febfa0a8adebc228bae002098d43710d7203f00ca9bcd13f04b589816

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id
8dd603dc.2b1bafd1
date
Mon, 14 Nov 2022 19:22:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
26,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=11, inner; dur=3
content-length
343
pragma
no-cache
server
nginx
x-tt-logid
20221114192238F6AB9189A7BDF77F2DAB
x-cache-remote
TCP_MISS from a23-220-105-82.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.220.105.82
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa89ade598e22994e7924df4216ad3231d32826ddf0f48705a0b0184e340e2652c2941aa8dead9b1bf01215c964fbf0f3c76a3c97e864b5fa717ea41cb06ec1215
expires
Mon, 14 Nov 2022 19:22:38 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
15001b26.2b1bafd2
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
34,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=19, origin; dur=20, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221114192238031D7F2C84CF7D7B8C54
x-cache-remote
TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
20,23.220.105.85
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa0d035976307fed91dcab2018fc5fc8b8aaee4ead8d92177243f745c0d9a91e323bd59b47b5276e2025555f75319d5a4951692755e37393369ca9a948880bdd93
expires
Mon, 14 Nov 2022 19:22:38 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f025b99.2b1bafd3
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
27,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=16, origin; dur=15, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202211141922386071B49BA03D41840FC0
x-cache-remote
TCP_MISS from a23-220-105-89.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.220.105.89
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baadcdf15259b7ef64dbef1107bca2c27d02c83ebb58f3ead367315075f6718af18a7fbf1992b3c7705d84815389bacafb1344b8e9b9cdd82a51cb2d17cfbc4bcdf
expires
Mon, 14 Nov 2022 19:22:38 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=a8165d56-bcfa-43b6-8d6a-924ff04b5f94&batch_time=1668453758124
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
box-c6ca1c87e308a39aabb76b56ba54398b.html
vars.hotjar.com/ Frame DCE0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-97.phl50.r.cloudfront.net
Software
/
Resource Hash
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
889231
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 12:22:07 GMT
etag
"b6d25d1350d6a014d80689f389e76f97"
last-modified
Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-amz-cf-id
udOYcF8JkU6_B4yesP3KDINON-m76pY7Cnfels9dc7FP8VbrKW-WXQ==
x-amz-cf-pop
PHL50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=PageView&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42626%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42626%26subId2%3D43850_11150853_11_2491_32%26subId3%3D388527089%26subId4%3DbeipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv%26subId5%3D32%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102a47773c6c6ef0fe470919d58f38%26hoOfferId%3D99&rl=&if=false&ts=1668453758193&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668453758192.678465502&it=1668453757992&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 19:22:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
monitor
analytics.tiktok.com/api/v2/ 		0
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7dd5496f.2b1bb05e
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
58,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=17, origin; dur=46, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022111419223864345E40C6132588D260
x-cache-remote
TCP_MISS from a23-220-105-87.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
46,23.220.105.87
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baafd76c4cb59ab41e9d30b571245ee13a53cef9b70df65c35578aec5b66671078d2341effc506f361fbab159f52c279ef68c47c19bb56546ac809ca133fb8b6e3c
expires
Mon, 14 Nov 2022 19:22:38 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=ae7f5f8a-d5bc-4e99-8a04-2628960460d4&batch_time=1668453758210
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
monitor
analytics.tiktok.com/api/v2/ 		0
683 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f025d68.2b1bb063
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
18,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=13, origin; dur=10, inner; dur=7
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221114192238E4B24D9A39B9257AC44A
x-cache-remote
TCP_MISS from a23-220-105-89.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.220.105.89
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baadcdf15259b7ef64dbef1107bca2c27d01594f4132c56804f581ae4e2f718f51ca84fb3f7ea1a118d19e07e309cc4b7e15335f04dfcf2a0ecc47cae8f95d82211
expires
Mon, 14 Nov 2022 19:22:38 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.1.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-1-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e33e545e.2b1bb065
date
Mon, 14 Nov 2022 19:22:38 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-1-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time
25,23.36.1.36
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=17, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202211141922382AC8A01E8C60097F8AE2
x-cache-remote
TCP_MISS from a23-220-105-91.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.220.105.91
x-tt-trace-host
01805dd5b33f2fecd0b1907d90c6a9fae62a45b730b359d12c31a7a3784a1c0baa1029fdf04a710c3f948a6372afdc6b9cef28785cb3e1e862f7150adabce38109e28d24d7ead99d1ed87d7455c4c805064526ee37feb9c79e2e1dd8adff09ef40
expires
Mon, 14 Nov 2022 19:22:38 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=3&pid=2bca0ad5-e03e-4466-b02f-8a4b84294aef&token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&_=762854093
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Nov 2022 19:22:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
9
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=4&pid=2bca0ad5-e03e-4466-b02f-8a4b84294aef&token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&_=762854094
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Nov 2022 19:22:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/ Frame 0AD4 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-143-120.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Nov 2022 19:22:38 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=5&pid=2bca0ad5-e03e-4466-b02f-8a4b84294aef&token=5CE506C6-D97B-C845-E9D3-CD8F400E14C8&_=762854095
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Nov 2022 19:22:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=Microdata&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42626%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42626%26subId2%3D43850_11150853_11_2491_32%26subId3%3D388527089%26subId4%3DbeipWzhZfqvBCixIbzFIbzDVAypqfnQcnjPGCzdcwDasnMdCVbvTenMbnckXv%26subId5%3D32%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102a47773c6c6ef0fe470919d58f38%26hoOfferId%3D99&rl=&if=false&ts=1668453759713&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NerdWallet%3A%20Make%20all%20the%20right%20money%20moves%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668453758192.678465502&it=1668453757992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 19:22:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
events
api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/ Frame 0AD4 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/c1b6fd42cf40c6ec45efab48f698b7c5feed11f1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-143-120.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Nov 2022 19:22:39 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
common.js
maps.googleapis.com/maps-api-v3/api/js/50/12a/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69585
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 20:13:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 13:34:20 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/12a/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c794b1db0cce54971541669b8c23bbe83b3406db2d70eecac666136e6627b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 16:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62424
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 20:13:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 16:58:31 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=0490313e-c5a9-4f0f-89fe-fc7727c202a2&batch_time=1668453762926
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.5172c221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| regeneratorRuntime object| LeadiDconfig object| LeadiD object| DD_RUM object| analytics function| parcelRequire object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| webpackChunk_name_Destination function| amplitude-pluginsDestination object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView function| UET function| UET_init function| UET_push object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaGlobal object| ueto_58bb2fdf35 object| uetq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge string| label string| id boolean| sensitiveData

26 Cookies

Domain/Path Name / Value
.speedtrkzone.com/ Name: st
Value: 6PORndnJRaQgrwpHZIa0NfruhUn6A93Hc/QQf1+jIl824KzvyIYjOA==
.speedtrkzone.com/ Name: tym
Value: /lMoR4A17MNV8ULWbyi4SPruhUn6A93Hc/QQf1+jIl824KzvyIYjOA==
.speedtrkzone.com/ Name: c31497
Value: 6PORndnJRaRzOYUgXkPDZVtna0sXWrZRkiwmcXjGMZFANqBLMHQrsQ==
.www.nerdwallet.com/ Name: __cf_bm
Value: 6eILDexwb23wnr2K7vIKlrQgE8rvnM4rZFBG2Xr.DXY-1668453756-0-AQUBqHcKpPPp8nvTvlSGaLp1wgXxxJJguwGtprTEez0WXCXZ+fb0I7VHStQ2fvB5Zzra1q/dOROabTjpHcx6caMQOn+BnVMJZ1nch59Id1z2
.www.nerdwallet.com/ Name: __cfruid
Value: 611dc01c6c2d1df56028fde0a30ba89cce40e2ad-1668453756
analyze.nw-click.com/ Name: leadid_token-22813350-8774-3000-19AC-FC31C47988BB-6A646C57-A079-2DAF-11AA-FA12E35CE4D2
Value: 5CE506C6-D97B-C845-E9D3-CD8F400E14C8
.deviceid.trueleadid.com/ Name: uuid
Value: 1fdf3aba14aa4b928c56f6c1fa6020d2
.nw-click.com/ Name: ajs_anonymous_id
Value: 93c929de-162f-41f8-9b97-149e20a43b75
.nw-click.com/ Name: _gcl_au
Value: 1.1.1117035520.1668453758
.bing.com/ Name: MUID
Value: 09A708C465476E0A28911A9864256FC3
.bat.bing.com/ Name: MR
Value: 0
.nw-click.com/ Name: _ga_X4363VV9ZN
Value: GS1.1.1668453758.1.0.1668453758.0.0.0
.nw-click.com/ Name: _ga
Value: GA1.1.1137576288.1668453758
.nw-click.com/ Name: _uetsid
Value: b337fa90645111ed8e2ffda09f836de9
.nw-click.com/ Name: _uetvid
Value: b3385420645111ed94a22398fa4c82c1
www.nerdwallet.com/ Name: AWSALBTGCORS
Value: MiJt9YOVU8bmBodkmCL83U6LFfXt76m1iRpyvHb8AsNOPXLOrtuds1UUJKlcEmGk40TDMKEhwsqJIaiRZj/6Sy4JD2TVahGMVxBBki3sIYE4/MUjWLK6h2NxFQcMtLgUqUOa9nGKTgNyRBbA22A34mtTMWGCe469Uws+vFrlPv8p
.tiktok.com/ Name: _ttp
Value: 2HYEkP5sFT0eyzit2bj2o4Jhrzc
.nw-click.com/ Name: _fbp
Value: fb.1.1668453758192.678465502
.nw-click.com/ Name: _tt_enable_cookie
Value: 1
.nw-click.com/ Name: _ttp
Value: 51fe4e57-f216-47cf-917f-9f5f1c804cb9
.nw-click.com/ Name: _hjSessionUser_542041
Value: eyJpZCI6IjQ4YjQzZTU0LTdmMGYtNWIxZS1hZmY1LTg0ZDhmNmU0NGYwMCIsImNyZWF0ZWQiOjE2Njg0NTM3NTgxNzMsImV4aXN0aW5nIjpmYWxzZX0=
.nw-click.com/ Name: _hjFirstSeen
Value: 1
analyze.nw-click.com/ Name: _hjIncludedInSessionSample
Value: 0
.nw-click.com/ Name: _hjSession_542041
Value: eyJpZCI6IjdhYWIxNzE3LTExODYtNGE0NS05YjZiLTM3YmFkOTNhNDA0NiIsImNyZWF0ZWQiOjE2Njg0NTM3NTgyMjcsImluU2FtcGxlIjpmYWxzZX0=
.nw-click.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
analyze.nw-click.com/ Name: _dd_s
Value: rum=1&id=d69e811b-6265-47a7-ba21-66a57b50e546&created=1668453757367&expire=1668454657367

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analyze.nw-click.com
api.onthebarrelhead.com
api.segment.io
api.trustedform.com
bat.bing.com
cdn.segment.com
cdn.trustedform.com
communisearch.duckdns.org
connect.facebook.net
d2m2wsoho8qq12.cloudfront.net
ddggpro.com
deviceid.trueleadid.com
leadid.onthebarrelhead.com
maps.googleapis.com
rum.browser-intake-datadoghq.com
s3.us-east-2.amazonaws.com
script.hotjar.com
speedtrkzone.com
static.hotjar.com
tracking.plpro.co
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nerdwallet.com
104.18.14.6
13.224.207.4
13.224.208.198
13.224.214.90
13.224.214.97
14.192.51.91
18.210.69.85
23.22.5.68
23.36.1.40
2600:1f18:24e6:b901:6790:af1:bf99:3f63
2600:9000:20ed:2c00:c:d509:13c0:93a1
2600:9000:20ed:5800:1c:7f1a:6680:93a1
2606:4700:20::ac43:4aaa
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::200e
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.204.122.224
34.224.181.209
52.219.109.49
52.36.82.178
52.71.143.120
52.86.93.38
00b38ca12e230a61d08701d7fe2da4b7ec41b510d6af7712cc41b34e8b971de8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e
1f63019de0e822b458883425231102caffd2264c09769a6e84e7a5264b41163a
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082
5407429c1de116021bd47a460a228cd4bd0e7662e202aa94052d9ba4e94195fa
578b1029e5781ed6c5c9643906b0782f7d5d89b1daa04348e8ed9fdcce59cfa3
5a709f64c0ad4ed779c79dc322da24427b9f84153535d642b027395b01be8c7a
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
64445cdba1784cfe6dc6664a9d3ecde1d38565d04e349c6880db5f906bbd3aca
65d3434b584549ccbfde484225ccf848d7d456c73395fe12671a07f1833f69a8
67cb1288960184f65c3874803c2ba1506ef85a9f4d81a35e9342b581dc10f598
6cdacbf051630f7d0e1f669c81e43a897165a3f7909adb2ec5b73ab0d8fa8863
755759b3fedae83ecf172e4da44bdc2717f7665a4ed6846ef5704ed8c18216e4
7699812bcf70eb59f8e88ce83641872689ae7d5d83ca13f94fd528a52d352da7
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
853e34ec7ce0e41c4ca5b514a4c2b534e52bf39bf42f2e0eaa28178b4206801b
8a7d6aaefba6e2265f62e8a55f731125712d7660a7d36976536ce31fc7e1fb68
8ac5c8700425310ef8e5dd04cc42515831c0893f0137255bdf49c4f29782ab8f
970f8def9185a05f5cbe09849ce7c5b3578f7ace77ce02b5be29e23e17a592b6
9c794b1db0cce54971541669b8c23bbe83b3406db2d70eecac666136e6627b93
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4
b01ed2315bcad25c0e9dc4b98c0432852ff5cfa2135ccbce168da152850626ba
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0
b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc
b99f916505ac1faff49375dc42e2b2f230ed8cd8f743ffe9509ce1635fef4dc7
b9b7fe37d238a70a7420a3ef743fd7cb77674cc55ad3730a485052a828c59448
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65
c4c1b1d717b95f71df6aee145bd0bcf9d5783c2437af39325ff4e6f8fb817670
c6984cff50e70f2ae4235a0ff5df823b3ad473fe89129d910a210bde7509b4a1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7da9f674b731fd8f94b81f211bbc652be9e4635f4c5f91d9dbe6312a1f97dd1
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e6f74b7febfa0a8adebc228bae002098d43710d7203f00ca9bcd13f04b589816
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143