urlscan.io logo urlscan.io
SecurityTrails logo

analyze.nw-click.com Open in urlscan Pro
2600:9000:224a:e400:c:d509:13c0:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Submission: On November 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 84 HTTP transactions. The main IP is 2600:9000:224a:e400:c:d509:13c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is analyze.nw-click.com. The Cisco Umbrella rank of the primary domain is 508445.
TLS certificate: Issued by Amazon on August 25th 2022. Valid for: a year.
This is the only time analyze.nw-click.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2600:9000:224... 16509 (AMAZON-02)
11 104.18.42.63 13335 (CLOUDFLAR...)
9 52.21.227.162 14618 (AMAZON-AES)
1 6 34.236.64.108 14618 (AMAZON-AES)
2 2600:9000:20e... 16509 (AMAZON-02)
6 13.225.79.112 16509 (AMAZON-02)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.225.84.207 16509 (AMAZON-02)
1 52.5.60.38 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f18:24e... 14618 (AMAZON-AES)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.226.153.39 16509 (AMAZON-02)
4 184.86.103.210 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2600:1f18:24e... 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
4 52.36.48.34 16509 (AMAZON-02)
1 108.157.4.86 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 108.157.4.53 16509 (AMAZON-02)
1 52.30.44.244 16509 (AMAZON-02)
1 52.211.89.118 16509 (AMAZON-02)
84 25
5    2600:9000:224a:e400:c:d509:13c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
analyze.nw-click.com
11    104.18.42.63 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
www.nerdwallet.com
9    52.21.227.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-227-162.compute-1.amazonaws.com
leadid.onthebarrelhead.com
6    34.236.64.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-64-108.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:20eb:e200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
6    13.225.79.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-79-112.fra2.r.cloudfront.net
cdn.segment.com
10    2606:4700:20::681a:21 (United States)

ASN13335 (CLOUDFLARENET, US)
api.onthebarrelhead.com
1    13.225.84.207 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-207.fra2.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    52.5.60.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-60-38.compute-1.amazonaws.com
deviceid.trueleadid.com
2    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2600:1f18:24e6:b902:dc17:b01c:c3d9:f3be (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
session-replay.browser-intake-datadoghq.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    13.226.153.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-39.dus51.r.cloudfront.net
static.hotjar.com
4    184.86.103.210 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-210.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2600:1f18:24e6:b901:6ab1:aefc:4ed:7c71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    52.36.48.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-48-34.us-west-2.compute.amazonaws.com
api.segment.io
1    108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net
vars.hotjar.com
1    52.30.44.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-44-244.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    52.211.89.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-89-118.eu-west-1.compute.amazonaws.com
ws17.hotjar.com
Apex Domain
Subdomains		 Transfer
19 onthebarrelhead.com
leadid.onthebarrelhead.com — Cisco Umbrella Rank: 632421
api.onthebarrelhead.com — Cisco Umbrella Rank: 802076
12 KB
11 nerdwallet.com
www.nerdwallet.com — Cisco Umbrella Rank: 41544
59 KB
8 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 32532
cdn.trustedform.com — Cisco Umbrella Rank: 39039
42 KB
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2290
42 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 889
script.hotjar.com — Cisco Umbrella Rank: 1168
vars.hotjar.com — Cisco Umbrella Rank: 1210
in.hotjar.com — Cisco Umbrella Rank: 2124
ws17.hotjar.com — Cisco Umbrella Rank: 79675
70 KB
5 nw-click.com
analyze.nw-click.com — Cisco Umbrella Rank: 508445
1 MB
4 segment.io
api.segment.io — Cisco Umbrella Rank: 1247
709 B
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 915
72 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 616
12 KB
4 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 14801
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 3965
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 629
184 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
133 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
141 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2041
351 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 24650
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
84 17
Domain Requested by
11 www.nerdwallet.com analyze.nw-click.com
cdn.trustedform.com
10 api.onthebarrelhead.com analyze.nw-click.com
9 leadid.onthebarrelhead.com analyze.nw-click.com
deviceid.trueleadid.com
6 cdn.segment.com analyze.nw-click.com
cdn.segment.com
6 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
5 analyze.nw-click.com analyze.nw-click.com
cdn.trustedform.com
4 api.segment.io analyze.nw-click.com
4 analytics.tiktok.com analyze.nw-click.com
analytics.tiktok.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
analyze.nw-click.com
4 maps.googleapis.com analyze.nw-click.com
maps.googleapis.com
3 rum.browser-intake-datadoghq.com analyze.nw-click.com
3 connect.facebook.net analyze.nw-click.com
connect.facebook.net
2 www.facebook.com analyze.nw-click.com
2 www.googletagmanager.com analyze.nw-click.com
www.googletagmanager.com
2 cdn.trustedform.com analyze.nw-click.com
api.trustedform.com
1 ws17.hotjar.com analyze.nw-click.com
1 in.hotjar.com analyze.nw-click.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 session-replay.browser-intake-datadoghq.com analyze.nw-click.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net analyze.nw-click.com
84 24
Subject Issuer Validity Valid
*.analyze.nw-click.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-07		 a year crt.sh
leadid.onthebarrelhead.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
onthebarrelhead.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-11 -
2022-11-09		 3 months crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 6 frames:

Primary Page: https://analyze.nw-click.com/personal-loan/apply/street-address
Frame ID: 8CE753EE6E4A41AD6CD8DBB98EDAF27E
Requests: 69 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CDE3B035-250D-DD14-FC04-11F37DE22714&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 33EC26038EFC561F03007821F2D6EEE2
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=CDE3B035-250D-DD14-FC04-11F37DE22714&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 73FEBBFB4D5C467431D0CB75F2C16694
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: 84C7011BFE4EE16FD817023AA19CE80B
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 5D000002EF68343BCF91564EC2FBE40D
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/snapshot
Frame ID: 5C961AFD4B70291AC87F7B69EA5C42FB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NerdWallet: Make all the right money movesNerdWalletNerdWallet

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

84
Requests

98 %
HTTPS

46 %
IPv6

17
Domains

24
Subdomains

25
IPs

4
Countries

1873 kB
Transfer

6945 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request street-address
analyze.nw-click.com/personal-loan/apply/ 		1 KB
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e400:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a9673a133346936a8b633f44be08517d374094ef9316eafc2b7367ea7d8c51b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Wed, 02 Nov 2022 10:49:26 GMT
etag
W/"b61eb7aa3e7f3585887caf4ce0359a0b"
last-modified
Tue, 01 Nov 2022 23:56:54 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
lZ12S1eTr-feTundrmtksLcLGNExgu5npf0Mn-Buzo7uSP7iPefpeg==
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
Gotham-Medium--critical.ee5c613487.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Medium--critical.ee5c613487.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:25 GMT
x-amz-version-id
WGxNQy8mBtoftWr2HdFv7vIcvFCp7NaI
cf-cache-status
HIT
x-amz-request-id
VEQ1EKY7GJPVVED4
age
373037
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9436
x-amz-id-2
nx7VaTlEcs5T9L8t+XZvWcTbBDRheWXKcuzwtkfgnqnQqCTXGX7Vc0qRs4SdK/LfREdpeooes1E=
last-modified
Mon, 22 Mar 2021 20:57:27 GMT
server
cloudflare
etag
"ee5c6134876f0895658e48bb0bda8971"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
763c4dad5bf96957-FRA
x-nerd
Edge
Gotham-Book--critical.fdbad282be.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Book--critical.fdbad282be.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:25 GMT
x-amz-version-id
YqixNq.3i6.6M4vrHwt_2_NRU9maJc4k
cf-cache-status
HIT
x-amz-request-id
MSNNRN9Z8H9PA9J3
age
3603725
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9492
x-amz-id-2
GmTBbnxS3ppjOwrPS9fgEn3HIlsU7X4tgpVRz++jUfkdqAGGHfcmTZTc3DApmChvHU5/vl75bY8=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"fdbad282bee3da1c38146487b9c2f412"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
763c4dad5bfc6957-FRA
x-nerd
Edge
Gotham-Bold--critical.dcf83fb890.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Bold--critical.dcf83fb890.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:25 GMT
x-amz-version-id
csXDMdMerAERSVKnyZV8Lz_tNycn6X8X
cf-cache-status
HIT
x-amz-request-id
K6JA4JMCBGD6YXRM
age
373035
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9112
x-amz-id-2
rB7pnD3Mya9L+4o1TPKyz7yE5L5aDyVucHQFVZr8vEHiTjKBJSWstgXCsJH8DRGPmpd1tNRn1Zg=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"dcf83fb8902adcc5fd75fdf6da548573"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
763c4dad5bfd6957-FRA
x-nerd
Edge
ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
www.nerdwallet.com/cdn/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:25 GMT
x-amz-version-id
hxLS9BBjDUYsoPEtm4oIowkdM_ODkcgf
cf-cache-status
HIT
x-amz-request-id
2QXA88JK4GHYSCX0
age
8596621
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11012
x-amz-id-2
ojIbqiwc6jJymQqBIukQPVDfk+deNQzpNT5zcJfzaEUYUVLyBGsTxr/hSB7LybswWdTX5GvT18Y=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"2c31edcaf37bc7ca0ca1103d29b5f5f1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
763c4dad5c006957-FRA
x-nerd
Edge
ChronicleDisplay-Roman--critical.835fdb1566.woff2
www.nerdwallet.com/cdn/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Roman--critical.835fdb1566.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:25 GMT
x-amz-version-id
TByrbO0kqrqPKmq32uLn3LcxEk8692TL
cf-cache-status
HIT
x-amz-request-id
BE8CXGTBW8T2KBE1
age
6314617
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=0vY1au7cdfHV0Mua0icSEIdq_xcv2FwGKArJBiZRctc-1667386165-0-AbmmTeP3aFfoFH6asJ1D4GKjeJthgSk6s3_Li5g1VKciS3tAwWqulKGwO844ZmNCGo2xJd78_KbpkmhjKJhbxtHjpEbi-wQE1fUryF-Enm4r; report-to cf-csp-endpoint
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10240
x-amz-id-2
/CE67kgQVfrMXHnJLaxq3edYH/LjwVmBlpfWNh7dYNzFMFNhvUnYngbIiLHvbrMqT85Lqt7bGLo=
last-modified
Mon, 22 Mar 2021 20:57:28 GMT
server
cloudflare
etag
"835fdb1566f032e3c41742af1a1ebc3c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=0vY1au7cdfHV0Mua0icSEIdq_xcv2FwGKArJBiZRctc-1667386165-0-AbmmTeP3aFfoFH6asJ1D4GKjeJthgSk6s3_Li5g1VKciS3tAwWqulKGwO844ZmNCGo2xJd78_KbpkmhjKJhbxtHjpEbi-wQE1fUryF-Enm4r"}],"group":"cf-csp-endpoint","max_age":86400}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
763c4dad5bff6957-FRA
x-nerd
Edge
nerdwallet.f307382b.css
analyze.nw-click.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.f307382b.css
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e400:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2532c98639ec6d1bff263f34bac8780c82e35be28df1fa6c2364771f071217dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan/apply/street-address
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
gzip
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 23:56:54 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
etag
W/"b377b933a101825aed969c6f210f57d7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
iszv5wvPBADbn6eHaYJDGyRTCej9A-0cAPFrtMYZYpLZqq9F1DgJbw==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:25 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Nov 2022 23:17:39 GMT
server
cloudflare
etag
"6361a913-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
763c4dad5ebc9a15-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
nerdwallet.84131b91.js
analyze.nw-click.com/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.84131b91.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e400:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f05373bb1fad67127a2552f6b357589b473890beaa567f053103a2e35b5820a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan/apply/street-address
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
gzip
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 23:56:54 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
etag
W/"23f4346f874031e154d23817fecd2f9a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
bFPZAnogU-ZU0gXFjSP_vU5yx9iJ6uAE-B0_CLF7ifJjuhbs9qf1GQ==
GenerateToken
leadid.onthebarrelhead.com/2.11.9/ 		36 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/GenerateToken?msn=1&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&_=538136266
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e14ff545bd087c36a18801d36ca836821a4d5becdb633d8457d6a7df548c0125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
51
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Server
2600:9000:20eb:e200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b38ca12e230a61d08701d7fe2da4b7ec41b510d6af7712cc41b34e8b971de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
x-amz-version-id
zf4ijuzvSsU0Tal.ZZJLDHqE7VqwjEi9
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 17:48:28 GMT
server
AmazonS3
via
1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"647d5353b63df3b4ed201da87c98cc2d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
7g0Xh8WgoAjZX1uW3S6pK5ezvtxC_4ySgpf97GXHAKKDGO5m9Y3xEA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false
date
Wed, 02 Nov 2022 10:49:25 GMT
server
awselb/2.0
content-length
134
content-type
text/html
analytics.min.js
cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4c1b1d717b95f71df6aee145bd0bcf9d5783c2437af39325ff4e6f8fb817670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
QcLVjOy6VnK2U8L0J8JDv1Pd8Yl5cWKa
content-encoding
br
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 10:49:27 GMT
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Oct 2022 19:49:52 GMT
server
AmazonS3
etag
W/"220f4c88786a54007569c509167e843b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
PT55rC0GzKHdYsrszAPRCjUHFieHPYlJyL0zpIQVJF4Grl2ayYKmLA==
session
api.onthebarrelhead.com/api/v1/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eec9836759ba8110efefaf0aa0fd87f0de75a8d64ea07d8f5404b0d03a22e49

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xo%2FeKvQA7lc6zLtV1nbKtPObhucF0tGoLAxIMTmGxSjnKgkorzFcHoRknYcW7%2B92WkF03H1hJ6AOgtLOLF09US%2B4zcntuFVMua%2Bz6VXQ3xy4j7TgLe7uEfsFhiFVDm5mXCSai%2FedLcMmwh81AvnozfpHyvEo"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
763c4db38e33994e-FRA
session
api.onthebarrelhead.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763c4db22b35994e-FRA
date
Wed, 02 Nov 2022 10:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2Fq%2FMO1Lw9eoWMWEQ5uSk1nnbfCiosa8f4Q4F%2F020Ky%2F2VLFK1WwE%2B1XCNE%2FFuXRbkfQivBKPfb2iIWxkInhtVuXLFpNGlX8gxyCmkXvvNp%2Bn2AZN5RV%2B9g5hfqaJ%2BdRZw7VN22QOkCYoHqAeJdFu5NKmdnh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
015af01d-2a5f-43f1-b755-0cfa2f14b902
https://analyze.nw-click.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://analyze.nw-click.com/015af01d-2a5f-43f1-b755-0cfa2f14b902
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
25754
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 33EC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CDE3B035-250D-DD14-FC04-11F37DE22714&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-207.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
47140
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 01 Nov 2022 21:43:46 GMT
ETag
W/"63472048-dbb"
Last-Modified
Wed, 12 Oct 2022 20:15:04 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
CyNeKFpYSmrGDQZ1Ivs4gGPlXNXk62wgfHLbzW7WJn24T0V62AdMSQ==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Hit from cloudfront
SaveDom
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDom?msn=2&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136267
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 73FE 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=CDE3B035-250D-DD14-FC04-11F37DE22714&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CDE3B035-250D-DD14-FC04-11F37DE22714&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.60.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-60-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 02 Nov 2022 10:49:26 GMT
etag
W/"632c7ff9-1049"
expires
Thu, 03 Nov 2022 10:49:26 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=3&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136268
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		217 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6079ceda051ac6b7bc6e1dd438e09ac4e90dce8b443e81813321fbc7dac09787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75292
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Nov 2022 10:49:26 GMT
js
maps.googleapis.com/maps/api/ 		168 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
9f22f55e382685c2b74290a4d490a4203460de32f8ff8bd36bd391fc870b3008
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=21
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56305
x-xss-protection
0
expires
Wed, 02 Nov 2022 11:19:26 GMT
abTests
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/abTests
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763c4db5aa7d994e-FRA
date
Wed, 02 Nov 2022 10:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FsHlrPsLnZ6nLpFtf3ecScR%2B0Yz1mVb7ZMui8rlhl67aD7wOwtgl6TyoNs7skexO2MbdJP5WCGg0d%2FNjU9skcVk3btJ4wGfTq4HJqQVgFHJ18U7PLvKjfnP2rq3L6KK3AalnRnSU%2FeBVO1KQ98%2BLaGDUCrC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
abTests
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/abTests
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763c4db5aa7e994e-FRA
date
Wed, 02 Nov 2022 10:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpxttkEVet5XawLyEdgdY8jRMa8KuiQ4ZdhhoHDvhOkYH7Mmp8F1seo%2BUBUfgdEFdMthlQ6uIiVgzYcp19pjMsyb6jw5YJtHNYTag1DhkZ2nZZww%2FXC6Fm0SUJ4qFyqGVUdbVJlnG4K0cbdWeqzWCoc9EzCd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
close.5cc5ece4.svg
analyze.nw-click.com/ 		696 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/close.5cc5ece4.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/personal-loan-purpose
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e400:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f70ae41aa3a3a678dd95aaacf5f35876158d43ea42b9a0d78507e975f0220fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan/apply/personal-loan-purpose
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 23:56:54 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"0ad83d59b25fdaa509c564ccae081c96"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
696
x-amz-cf-id
kGPsbvwZArl_wQ5-iy2S7JH8Y95aZZrpJ8JuOhhAuYeR6vSBr_lL_Q==
abTests
api.onthebarrelhead.com/api/v1/session/ 		41 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/abTests
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65efeea4aecdaf23032a0599c4a54eaa60acf6884e73d8cbbcc0eedf938e909e

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmYTcxMTg2ODY0YjU0MjIwYTZmNGI2MGU4NzUzMzEyMCIsImlhdCI6MTY2NzM4NjE2NiwiZXhwIjoxNjY3NDcyNTY2LCJ2IjoiMiIsInN1YiI6NzAwMjk4MDh9.zOJqWafb_440N270avZA3DYmyfa5-Dx6tor77lMcaAI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b31g4p0LL4cEZ1ItryPJJpaa4RBZ92ygz6Xxc01ZVGlCgs7t2HqJNMMdfslunuLo1HONyeTQOJhiz1%2FAdN64RQQLLW3jCPx2oI4ax%2Fr87zK437vCEArHlAZHuWzDsOkbKD4VXCGF3H5M8v2rUT0Rr6lwFmV3"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
763c4db66ca6994e-FRA
abTests
api.onthebarrelhead.com/api/v1/session/ 		70 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/abTests
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11e77e27dc3aa0f88cfd097cf531143fdbade81bd2d4c0175c05c9b5d156dfe

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmYTcxMTg2ODY0YjU0MjIwYTZmNGI2MGU4NzUzMzEyMCIsImlhdCI6MTY2NzM4NjE2NiwiZXhwIjoxNjY3NDcyNTY2LCJ2IjoiMiIsInN1YiI6NzAwMjk4MDh9.zOJqWafb_440N270avZA3DYmyfa5-Dx6tor77lMcaAI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcU1PrVW9DW%2F3NhSmuXfLYzan1q8X390c64%2FOGkKrPScVvi2hJ1iJu1j89AoJKoRJSA6xDkhDrs4t0K5gyO6LIpjfCW43TJ7n1Dyj4dAVjZo8GIpVPD0D9i3mqJ%2F4PQJgxFFaphWzDf5PiyW1UBcafl2F%2BKx"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
763c4db70e12994e-FRA
supergraph
www.nerdwallet.com/api/ 		90 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/supergraph
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a709f64c0ad4ed779c79dc322da24427b9f84153535d642b027395b01be8c7a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept
*/*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
x-caller-client-id
analyze
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-client-platform
web
content-type
application/json

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
server
cloudflare
etag
W/"5a-HjoFZyoNa7LnW/3egUQEkuk7BQs"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
763c4db70f93915c-FRA
x-nerd
Edge
events
api.onthebarrelhead.com/api/v1/session/ 		171 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f867b075c857ced38cd2083228f4d8e0dbe97f3bdea5582c1dd31d7c4cc69fea

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmYTcxMTg2ODY0YjU0MjIwYTZmNGI2MGU4NzUzMzEyMCIsImlhdCI6MTY2NzM4NjE2NiwiZXhwIjoxNjY3NDcyNTY2LCJ2IjoiMiIsInN1YiI6NzAwMjk4MDh9.zOJqWafb_440N270avZA3DYmyfa5-Dx6tor77lMcaAI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8Ng7HEWBTV1T%2Fbz7PWJ9uSvprxIaKyjhf6BA87FfU3ujvd5VrtBH2MczyBYFMlNojFvBpRnm3iA49xaFMMO5VW3Rxk55OU0ZqKniZTjzkrWi59cD0eZvIECfOu2%2BP19KssSVbhw4STvZBsulRs0l1lpznQp"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
763c4db73e7a994e-FRA
content-length
171
supergraph
www.nerdwallet.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/supergraph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-caller-client-id,x-client-platform
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-caller-client-id,x-client-platform
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
763c4db5be4a6957-FRA
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=VQm2Nc6glrcYbI3e1MMeadkarQdCMKqzmkOLkZEw6Vs-1667386166-0-AUwWIRHuGcpVmRsifpz-p6cc2iqZUdT-QZJXTarKr7czx-SW5dpwCJtV5KY99aGiVVNz8m01USTbqKVLufWAZEt_KwTMkk1t1W8fQg5AEBgw; report-to cf-csp-endpoint
date
Wed, 02 Nov 2022 10:49:26 GMT
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=VQm2Nc6glrcYbI3e1MMeadkarQdCMKqzmkOLkZEw6Vs-1667386166-0-AUwWIRHuGcpVmRsifpz-p6cc2iqZUdT-QZJXTarKr7czx-SW5dpwCJtV5KY99aGiVVNz8m01USTbqKVLufWAZEt_KwTMkk1t1W8fQg5AEBgw"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers, Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nerd
Edge
x-xss-protection
1; mode=block;
events
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763c4db5bab0994e-FRA
date
Wed, 02 Nov 2022 10:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ba3kyBs9l7KjldB8JMfbtdLIcsH%2FKidQwJB%2BKb7lbnNKJlgZUL9fCqkx8wQHHIPxGBblbpbhPx9nbaOZElQk3uV0ZLaOCywkjgUIUruwSexNkYP6fdylK4GkPBOS7uF%2FvLBhjjeBTAuFIh%2FYl0ZA%2BZqp%2BQh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=9a0a77fc-617c-4189-9b75-7579d9ac7358
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:dc17:b01c:c3d9:f3be Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryUQXaWI1HMBfWegAn

Response headers
supergraph
www.nerdwallet.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/supergraph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-caller-client-id,x-client-platform
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-caller-client-id,x-client-platform
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
763c4db5be596957-FRA
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
date
Wed, 02 Nov 2022 10:49:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers, Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nerd
Edge
x-xss-protection
1; mode=block;
events
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763c4db5bac6994e-FRA
date
Wed, 02 Nov 2022 10:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HjkrrqvtHw2KX%2FIgI1kx6nFu3ouj4LD%2BxuLHfHeHnNjhFaATr9S%2B8uJ928YhPWx5MJD5zU4UGk3V%2FZRpqsLSZ7RWZQFShTJdsuaYMku6cvQBuAL8x4%2FqIa6HEZlPjVwAA9XYZIqv9VjyuFQZWJiu%2FC648uR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
supergraph
www.nerdwallet.com/api/ 		90 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/supergraph
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a709f64c0ad4ed779c79dc322da24427b9f84153535d642b027395b01be8c7a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept
*/*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
x-caller-client-id
analyze
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-client-platform
web
content-type
application/json

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';, script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=StZ8bhzLlgJ93E6MLmDXraRK8e_PPkrKbUJD2J7MtiQ-1667386167-0-AclvCdk5zJvtFdQ7J3KHujWIZ4dw4c6XcK94x1Mx8z0F-fsQcHMsNCCHdbFUhVP6_laVVgt9RmCLij-uIj5CRD8R6kSZX6ImIGPNm2h-HqKM; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
server
cloudflare
etag
W/"5a-HjoFZyoNa7LnW/3egUQEkuk7BQs"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=StZ8bhzLlgJ93E6MLmDXraRK8e_PPkrKbUJD2J7MtiQ-1667386167-0-AclvCdk5zJvtFdQ7J3KHujWIZ4dw4c6XcK94x1Mx8z0F-fsQcHMsNCCHdbFUhVP6_laVVgt9RmCLij-uIj5CRD8R6kSZX6ImIGPNm2h-HqKM"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cf-ray
763c4db70f82915c-FRA
x-nerd
Edge
events
api.onthebarrelhead.com/api/v1/session/ 		178 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beace6af9719e224bc2cc92a9af7c4609b003962cd0c9e27a66bc8a11c6cd031

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmYTcxMTg2ODY0YjU0MjIwYTZmNGI2MGU4NzUzMzEyMCIsImlhdCI6MTY2NzM4NjE2NiwiZXhwIjoxNjY3NDcyNTY2LCJ2IjoiMiIsInN1YiI6NzAwMjk4MDh9.zOJqWafb_440N270avZA3DYmyfa5-Dx6tor77lMcaAI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AuinAGGIqvsX0H3aneGhwG236X0M%2BwG7d8VmzrmUH1HWck2hqTqiK5crmiMGyMkkVWwhEaDo8ys6atin9%2B%2BM%2FJovEabYUivo7LFzNg7zvWenHgwdAelkqSE4btd%2F0GUuDaaznHkmlpJo7xSC2KDRNzf0%2FlM"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
763c4db72e52994e-FRA
content-length
178
settings
cdn.segment.com/v1/projects/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/settings
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ac5c8700425310ef8e5dd04cc42515831c0893f0137255bdf49c4f29782ab8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
quEYcqPjz5HZqgT5dGoscvRxRKMvGSqg
content-encoding
br
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 10:49:26 GMT
x-amz-cf-pop
FRA2-C2
age
5513
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 31 Oct 2022 17:39:29 GMT
server
AmazonS3
etag
W/"9a905a3d64738bd0c4b6f88f651f4fbb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
z1weaayCljp4LrM2UnTRMTgIJFQ3KTPW45nd4FsPdJ0gdRO7DHGDlA==
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
SaveDeviceId.js
leadid.onthebarrelhead.com/2.11.9/ Frame 73FE 		0
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDeviceId.js?lac=22813350-8774-3000-19AC-FC31C47988BB&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&methods=48&token=CDE3B035-250D-DD14-FC04-11F37DE22714&uuid=71de95d2739f43b1a47d6bd083aa954b
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=CDE3B035-250D-DD14-FC04-11F37DE22714&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 02 Nov 2022 10:49:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 02 Nov 2022 10:49:26 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F45C51640D324733B32C86FDC2625194 Ref B: FRA31EDGE0113 Ref C: 2022-11-02T10:49:26Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11376
hotjar-542041.js
static.hotjar.com/c/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-542041.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-39.dus51.r.cloudfront.net
Software
/
Resource Hash
9b2a68da166d5625e2219efa60ef2420d9b34dfc2d5dcaa35493d1e3e5cc65ce
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/be18f41bfeb3f18fa469a97c1ae35d59
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ms1JpyjFVnITFIN97INLxfC7WfaxuTl-a-MEDcRNf3_eKm9qxLexnQ==
events.js
analytics.tiktok.com/i18n/pixel/ 		136 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c775dcb815c4a9b8ab62ff7f78697ee4dcbc5da721cc2df20f67bd578b55ef21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
gzip
x-akamai-request-id
91460167
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202211021049267142E3DD824D0BEBE126
vary
Accept-Encoding
x-cache
TCP_MISS from a184-86-102-210.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,184.86.102.210
x-tt-trace-host
01e659fa391cca2bb20b63ebffcf3d39726c5793542dacac2129abbbbb61584c9226499b71b7108cacc5f7930caa939c2815e44f1d30cb51e26a58711665763ca4df48b9725909dda3ce55d66698401efd
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=94
expires
Wed, 02 Nov 2022 10:49:26 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf066f33245856a1bab0cd619969641a5340f55bc9b8528f7ecbb584852ed95f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Nov 2022 10:49:26 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/street-address
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Nov 2022 10:49:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
jaeKWejdAlLY6G1s9ASmPVFms111kKpCubG01gRRL+kHcuUjb5piksuvkLlfzKqzbOE7QonvGC4RG7s+tUPRxw==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ajs-destination.bundle.69f445038fee7a77bb89.js
cdn.segment.com/analytics-next/bundles/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.69f445038fee7a77bb89.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:56:55 GMT
x-amz-version-id
R9iis8zxPUzbYG2v9lARGoizVOYozofb
content-encoding
br
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1698752
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 13 Oct 2022 18:09:00 GMT
server
AmazonS3
etag
W/"a92b4438941110932485ba4d769e9fcf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
GrXUu4vPFOnmENDzTm9uOoOiJmtqapb_JCMuA7wQy8swaoBHPdqetw==
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=c7de65ee-8302-41b9-b5e8-8baa8d522c2e&batch_time=1667386166767
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6ab1:aefc:4ed:7c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 05:01:05 GMT
x-amz-version-id
Av4L57knpBWVXQ2LY3wI0QazLgotJtGS
content-encoding
gzip
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3736102
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 04:11:19 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
UE75ItuQf_XFtsOSXPBEh62Z0J_6Ed6CwGXXRd6hz_w9wm3TtiYPLQ==
ed984d68b220640a83ac.js
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ed984d68b220640a83ac.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/y9MooXE9G8HKp9OvwOdnfdGG7A2RJ6zX/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64445cdba1784cfe6dc6664a9d3ecde1d38565d04e349c6880db5f906bbd3aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
ezoM5m0K7bvFDT3vhFqu5Oz2y3a.hU7Y
content-encoding
gzip
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 01:27:39 GMT
x-amz-cf-pop
FRA2-C2
age
33739
x-cache
Hit from cloudfront
last-modified
Thu, 27 Oct 2022 22:49:52 GMT
server
AmazonS3
etag
W/"93735322fe38b377fdda31af7a1e04d0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
5yBYdxRnsTsg2qJXLJqxwCJwwHfY6k8OE0Er9Kx-fniEUAbHHl6wfQ==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Nov 2022 10:49:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wli1MSpfmEjLjFQ+sBJ+SleHWXDqkVk/b18ImEbnnwQukkhp8QlPxq3k8JiWlzSTzPSfD1IjpC7+/YVf74/Mbw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
145605262667436
connect.facebook.net/signals/config/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/145605262667436?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91958cefff55066c68c82e9a183cf104b79698bda9f2575e754559a04632fb99
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Nov 2022 10:49:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Cck4UIDUQfHCGtJ0/s+zK2sz8J2Z6fr+ledU8/3RWQ2dnJAEgOFHDo/GQhWCfj86SOKmT6fEx4ctiwPLwr9jtQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
688.js
cdn.segment.com/next-integrations/actions/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/688.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ed984d68b220640a83ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f63019de0e822b458883425231102caffd2264c09769a6e84e7a5264b41163a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
C1PVSL7XhnBKu.dHuu6nhSVC0dY1.k1s
content-encoding
gzip
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 05:16:40 GMT
x-amz-cf-pop
FRA2-C2
age
67533
x-cache
Hit from cloudfront
last-modified
Thu, 27 Oct 2022 22:49:51 GMT
server
AmazonS3
etag
W/"76e7b0ae7fedc42778084c894ea9d0dc"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
Vjp6q419mQJHq72im0Q93fxAjgMxzeldu6aFWpK4BlZwIVC0-I71iw==
collect
region1.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X4363VV9ZN&gtm=2oeav0&_p=766333397&cid=2051988616.1667386167&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667386166&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%2Fapply%2Fpersonal-loan-purpose&dt=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 10:49:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyze.nw-click.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5715165.js
bat.bing.com/p/action/ 		0
120 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5715165.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 02 Nov 2022 10:49:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7FDB1B85ECCC4AF492473B6A5974AB85 Ref B: FRA31EDGE0113 Ref C: 2022-11-02T10:49:26Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=a232cd35-7f08-4b61-a82c-e685913f174b&sid=054c19805a9c11ed9569e9c99421ce3c&vid=054c34e05a9c11ed881a4735403b8f00&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%2Fapply%2Fpersonal-loan-purpose&r=&lt=1048&evt=pageLoad&sv=1&rn=221970
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/personal-loan-purpose
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 10:49:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B2858366F3A43C688BBD04BC435912E Ref B: FRA31EDGE0113 Ref C: 2022-11-02T10:49:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
api.segment.io/v1/ 		21 B
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.48.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-48-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://analyze.nw-click.com
date
Wed, 02 Nov 2022 10:49:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/ 		21 B
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.48.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-48-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://analyze.nw-click.com
date
Wed, 02 Nov 2022 10:49:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/ 		21 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.48.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-48-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://analyze.nw-click.com
date
Wed, 02 Nov 2022 10:49:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/ 		21 B
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.48.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-48-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://analyze.nw-click.com
date
Wed, 02 Nov 2022 10:49:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=4&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136269
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
modules.08d6096bb89b8adf5885.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.08d6096bb89b8adf5885.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-86.dus51.r.cloudfront.net
Software
/
Resource Hash
2cbacba1769bfeef8121a884ec72f759b864ae6d8358f9562a7f39ddf5df02c8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 09:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
5120
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66129
last-modified
Wed, 02 Nov 2022 09:23:34 GMT
etag
"7adf461173eec55d2fe9e251b1e92fb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
NneezPFl29Lf0Npho9Mf2eZ9w06LbD1NOw5H9WZFpBbwvy5BC5hYxA==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=PageView&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%2Fapply%2Fpersonal-loan-purpose&rl=&if=false&ts=1667386166917&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667386166916.216740755&it=1667386166795&coo=false&rqm=GET
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan/apply/personal-loan-purpose
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 02 Nov 2022 10:49:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
box-c1417f7b48595d0dbca01c86f95d6dbb.html
vars.hotjar.com/ Frame 84C7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
/
Resource Hash
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1301840
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 09:12:06 GMT
etag
"d2c298a660a1ee92f094a3d504e3e2e6"
last-modified
Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
x-amz-cf-id
CL84y-duJM3CjYVJOvs1x8u_ajPRApH6LRTMfQOEGsaUcPyhcYzmtQ==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/542041/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/542041/visit-data?sv=7
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.44.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-44-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 10:49:27 GMT
content-encoding
gzip
x-akamai-request-id
91460327
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202211021049279CB7FFABFC9ECB36927B
vary
Accept-Encoding
x-cache
TCP_MISS from a184-86-102-210.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,184.86.102.210
x-tt-trace-host
01e659fa391cca2bb20b63ebffcf3d39726c5793542dacac2129abbbbb61584c9225d9136a1616dbc23aeca640361a793b74c35fbdc19a94ecfdc03c913ae8eab9f35b0c050a7c0925a7dd94d3f46fdec3
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
expires
Wed, 02 Nov 2022 10:49:27 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		860 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9682D3C77U9N0P9530G&hostname=analyze.nw-click.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e6f74b7febfa0a8adebc228bae002098d43710d7203f00ca9bcd13f04b589816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-akamai-request-id
6f115b2.9146036e
date
Wed, 02 Nov 2022 10:49:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-210.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
94,184.86.102.210
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=7, inner; dur=3
content-length
343
pragma
no-cache
server
nginx
x-tt-logid
20221102104927AE3CFB369B13D239A856
x-cache-remote
TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.218.223.15
x-tt-trace-host
01e659fa391cca2bb20b63ebffcf3d3972028b34133228010e6f1336dd1c87a0a85b72edfe80182c5d9746ea63e2574d2edca52c67b0bb1d350ff0432b55db29e27e29b402e737d17fcd9584d93fd299a350daa52c264cfa1b5002021559b4477d
expires
Wed, 02 Nov 2022 10:49:27 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=5407faa2-bad4-4075-a027-0d4c3ee13b9c&batch_time=1667386167102
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6ab1:aefc:4ed:7c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
content
ws17.hotjar.com/api/v2/sites/542041/recordings/ 		66 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws17.hotjar.com/api/v2/sites/542041/recordings/content
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.89.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-89-118.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cdcbdeb846fc52c0a783abd5b99bb08184a1aaec3148d7e4e6605195987a9d85

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=5&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136270
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
692 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
19b1156c.9146044e
date
Wed, 02 Nov 2022 10:49:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-210.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
104,184.86.102.210
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=17, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221102104927534C1E6474DB5D325838
x-cache-remote
TCP_MISS from a23-218-223-22.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.218.223.22
x-tt-trace-host
01e659fa391cca2bb20b63ebffcf3d3972028b34133228010e6f1336dd1c87a0a8fc757c9f5fc484cae63da358390f193080f2edfd5659f2962dffb248cd64b4e820af8b0e12756b1d015287c126d2d7e88d6a8b3962be5e97153233ccdc39a992
expires
Wed, 02 Nov 2022 10:49:27 GMT
certs
api.trustedform.com/ Frame 5D00 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-64-108.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
4edd67998bca05b0decc68a8d0f12a618f0abf5c3a6815a64a503ba7c1b83c72

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
trustedform-1.8.30.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.30.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16673861657000.2621028216586607&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cdacbf051630f7d0e1f669c81e43a897165a3f7909adb2ec5b73ab0d8fa8863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
C4KqA2Ml8NtIH1tcFWoBNv3GWDN3hi8K
content-encoding
gzip
via
1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 10:49:27 GMT
last-modified
Mon, 24 Oct 2022 17:48:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
17
etag
W/"a5b5dad6197e972a745a719bfccfb334"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
J6ApGgG8x4MxwGIjRY3b99TP4I_hiHOU0znUUGFas7KJxdlzcag6Bw==
snapshot
api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/ Frame 5C96 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-64-108.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 02 Nov 2022 10:49:27 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
close.5cc5ece4.svg
analyze.nw-click.com/ 		696 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/close.5cc5ece4.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e400:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f70ae41aa3a3a678dd95aaacf5f35876158d43ea42b9a0d78507e975f0220fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan/apply/personal-loan-purpose
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:28 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 23:56:54 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
"0ad83d59b25fdaa509c564ccae081c96"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
696
x-amz-cf-id
VzfVAZlPNLOz4vkPQ0t7C413G2uqRSd6AVUk9yOjDfqSY2Tow7H0_g==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:49:27 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
content-security-policy-report-only
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Nov 2022 23:17:39 GMT
server
cloudflare
etag
"6361a913-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
763c4dbbefa4696f-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprints
api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/ Frame 5C96 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-64-108.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 02 Nov 2022 10:49:27 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
0
bat.bing.com/action/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=a232cd35-7f08-4b61-a82c-e685913f174b&sid=054c19805a9c11ed9569e9c99421ce3c&vid=054c34e05a9c11ed881a4735403b8f00&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%2Fapply%2Fpersonal-loan-purpose&r=&lt=1048&evt=pageLoad&sv=1&rn=221970
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 10:49:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BAD55F0CF08409AAA53D280CAC0B263 Ref B: FRA31EDGE0113 Ref C: 2022-11-02T10:49:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
text/javascript
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=6&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136271
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
9
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=7&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136272
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/ Frame 5C96 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-64-108.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 02 Nov 2022 10:49:28 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=Microdata&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%2Fapply%2Fpersonal-loan-purpose&rl=&if=false&ts=1667386168433&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NerdWallet%3A%20Make%20all%20the%20right%20money%20moves%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667386166916.216740755&it=1667386166795&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 02 Nov 2022 10:49:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=48135f91-f71b-43a8-aade-54f53a483d29&batch_time=1667386168455
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6ab1:aefc:4ed:7c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=8&pid=3495ba54-cdc9-4a3b-8473-4c8de51f0544&token=CDE3B035-250D-DD14-FC04-11F37DE22714&_=538136273
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.84131b91.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 02 Nov 2022 10:49:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/ Frame 5C96 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/0d6b25f48e5fe590c2540dcecce80dbc3d8fb5a8/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-64-108.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 02 Nov 2022 10:49:29 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
common.js
maps.googleapis.com/maps-api-v3/api/js/50/11/intl/de_ALL/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/11/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bddfaaad79beedbe9f0177b5b33b096506cb6542fc0315e2ddbffe030b4b999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 20:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69703
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 20:31:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 20:52:42 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/11/intl/de_ALL/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/11/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd2587512bbcd4f45c767726b700aa3b416456aeab1ddf241c5f50618692c34c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 20:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61976
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 20:31:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 20:52:42 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime object| LeadiDconfig object| LeadiD object| DD_RUM object| analytics function| parcelRequire object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| defaultStyleFrame object| dataLayer object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| webpackChunk_name_Destination function| amplitude-pluginsDestination object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_09ebe515ce object| uetq object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge string| label string| id boolean| sensitiveData

22 Cookies

Domain/Path Name / Value
.www.nerdwallet.com/ Name: __cf_bm
Value: 8DbwEaZ5wC.h7Uzn_wr6ORm..kOoyoWeotzk_zZkos0-1667386165-0-AYqUeobvvoS3TQAs0Gy/v5XCGrfs4SiMV69ziIDXgIUVcwgEnByPAn/HdBXPCFmOsPLgjiqOJj0Kd0KusDfL7lDFfFot9OSkwMyZh+bbvjPW
.www.nerdwallet.com/ Name: __cfruid
Value: b9cbceb7f3423d165c7cb8723fe07714ea3c4b7a-1667386165
analyze.nw-click.com/ Name: leadid_token-22813350-8774-3000-19AC-FC31C47988BB-6A646C57-A079-2DAF-11AA-FA12E35CE4D2
Value: CDE3B035-250D-DD14-FC04-11F37DE22714
.deviceid.trueleadid.com/ Name: uuid
Value: 71de95d2739f43b1a47d6bd083aa954b
.nw-click.com/ Name: _gcl_au
Value: 1.1.1735676449.1667386167
.bing.com/ Name: MUID
Value: 116AC5B6BA8F6FA833A3D7E6BB236EF9
.nw-click.com/ Name: _ga_X4363VV9ZN
Value: GS1.1.1667386166.1.0.1667386166.0.0.0
.nw-click.com/ Name: _ga
Value: GA1.1.2051988616.1667386167
.nw-click.com/ Name: ajs_anonymous_id
Value: 413f8ed6-af03-4f06-9fe9-749806a27afc
.nw-click.com/ Name: _uetsid
Value: 054c19805a9c11ed9569e9c99421ce3c
.nw-click.com/ Name: _uetvid
Value: 054c34e05a9c11ed881a4735403b8f00
.nw-click.com/ Name: _fbp
Value: fb.1.1667386166916.216740755
.nw-click.com/ Name: _hjSessionUser_542041
Value: eyJpZCI6ImEyNmRmM2U4LTJkZGQtNWQyNC05Y2EzLTY3ZTE1NDgzZWIxYyIsImNyZWF0ZWQiOjE2NjczODYxNjY5NzAsImV4aXN0aW5nIjpmYWxzZX0=
.nw-click.com/ Name: _hjFirstSeen
Value: 1
analyze.nw-click.com/ Name: _hjIncludedInSessionSample
Value: 1
.nw-click.com/ Name: _hjSession_542041
Value: eyJpZCI6ImIxNjg0ZjY5LWUzNjMtNDA5MC04ZTRjLTRlMzhhMGZjN2MzMyIsImNyZWF0ZWQiOjE2NjczODYxNjcwMTEsImluU2FtcGxlIjp0cnVlfQ==
.nw-click.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.tiktok.com/ Name: _ttp
Value: 2GzKr51pOujK9k4euQ2zMVcFiy5
.nw-click.com/ Name: _tt_enable_cookie
Value: 1
.nw-click.com/ Name: _ttp
Value: a101116e-1b95-48f5-9f61-d245d9f78ff0
www.nerdwallet.com/ Name: AWSALBTGCORS
Value: fOrPH6TJAv4C6TKrIwK76pz/HzgI+qz27YCCwo5GUnrX+NCUN2DF/r9/IWCaP6N8LfAGbAbDuhEkNZguLF1IRRi5xPDPaVe9BnUnZCDUsoTG+NO+0ZkXHVYXE0sdAbz++u3Qpe3fN6+5uqsQt+I/a1WaNn3WI35Swbe0bQx7GR8O
analyze.nw-click.com/ Name: _dd_s
Value: rum=1&id=2cc9bd8e-1314-468a-90a9-9956ec3fa62f&created=1667386165965&expire=1667387065965

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analyze.nw-click.com
api.onthebarrelhead.com
api.segment.io
api.trustedform.com
bat.bing.com
cdn.segment.com
cdn.trustedform.com
connect.facebook.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
in.hotjar.com
leadid.onthebarrelhead.com
maps.googleapis.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
script.hotjar.com
session-replay.browser-intake-datadoghq.com
static.hotjar.com
vars.hotjar.com
ws17.hotjar.com
www.facebook.com
www.googletagmanager.com
www.nerdwallet.com
104.18.42.63
108.157.4.53
108.157.4.86
13.225.79.112
13.225.84.207
13.226.153.39
184.86.103.210
2001:4860:4802:34::36
2600:1f18:24e6:b901:6ab1:aefc:4ed:7c71
2600:1f18:24e6:b902:dc17:b01c:c3d9:f3be
2600:9000:20eb:e200:1c:7f1a:6680:93a1
2600:9000:224a:e400:c:d509:13c0:93a1
2606:4700:20::681a:21
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:809::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.236.64.108
52.21.227.162
52.211.89.118
52.30.44.244
52.36.48.34
52.5.60.38
00b38ca12e230a61d08701d7fe2da4b7ec41b510d6af7712cc41b34e8b971de8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273
1bddfaaad79beedbe9f0177b5b33b096506cb6542fc0315e2ddbffe030b4b999
1f63019de0e822b458883425231102caffd2264c09769a6e84e7a5264b41163a
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b
2532c98639ec6d1bff263f34bac8780c82e35be28df1fa6c2364771f071217dc
2cbacba1769bfeef8121a884ec72f759b864ae6d8358f9562a7f39ddf5df02c8
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d
4edd67998bca05b0decc68a8d0f12a618f0abf5c3a6815a64a503ba7c1b83c72
4eec9836759ba8110efefaf0aa0fd87f0de75a8d64ea07d8f5404b0d03a22e49
4f70ae41aa3a3a678dd95aaacf5f35876158d43ea42b9a0d78507e975f0220fb
5a709f64c0ad4ed779c79dc322da24427b9f84153535d642b027395b01be8c7a
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6079ceda051ac6b7bc6e1dd438e09ac4e90dce8b443e81813321fbc7dac09787
64445cdba1784cfe6dc6664a9d3ecde1d38565d04e349c6880db5f906bbd3aca
65efeea4aecdaf23032a0599c4a54eaa60acf6884e73d8cbbcc0eedf938e909e
6cdacbf051630f7d0e1f669c81e43a897165a3f7909adb2ec5b73ab0d8fa8863
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
8ac5c8700425310ef8e5dd04cc42515831c0893f0137255bdf49c4f29782ab8f
91958cefff55066c68c82e9a183cf104b79698bda9f2575e754559a04632fb99
9a9673a133346936a8b633f44be08517d374094ef9316eafc2b7367ea7d8c51b
9b2a68da166d5625e2219efa60ef2420d9b34dfc2d5dcaa35493d1e3e5cc65ce
9f22f55e382685c2b74290a4d490a4203460de32f8ff8bd36bd391fc870b3008
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308
beace6af9719e224bc2cc92a9af7c4609b003962cd0c9e27a66bc8a11c6cd031
bf066f33245856a1bab0cd619969641a5340f55bc9b8528f7ecbb584852ed95f
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65
c4c1b1d717b95f71df6aee145bd0bcf9d5783c2437af39325ff4e6f8fb817670
c775dcb815c4a9b8ab62ff7f78697ee4dcbc5da721cc2df20f67bd578b55ef21
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd2587512bbcd4f45c767726b700aa3b416456aeab1ddf241c5f50618692c34c
cdcbdeb846fc52c0a783abd5b99bb08184a1aaec3148d7e4e6605195987a9d85
e11e77e27dc3aa0f88cfd097cf531143fdbade81bd2d4c0175c05c9b5d156dfe
e14ff545bd087c36a18801d36ca836821a4d5becdb633d8457d6a7df548c0125
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e6f74b7febfa0a8adebc228bae002098d43710d7203f00ca9bcd13f04b589816
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05373bb1fad67127a2552f6b357589b473890beaa567f053103a2e35b5820a8
f867b075c857ced38cd2083228f4d8e0dbe97f3bdea5582c1dd31d7c4cc69fea
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143