urlscan.io logo urlscan.io
SecurityTrails logo

analyze.nw-click.com Open in urlscan Pro
2600:9000:206f:c00:c:d509:13c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQewMOCRalbdYLep4xt8AA2gw02p29q0y3F6uvFVyj0dA8JIQDDluG36ls9DuxtewQQggBSyDBEuI...
Effective URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditio...
Submission: On October 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 21 domains to perform 86 HTTP transactions. The main IP is 2600:9000:206f:c00:c:d509:13c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is analyze.nw-click.com. The Cisco Umbrella rank of the primary domain is 675380.
TLS certificate: Issued by Amazon on August 25th 2022. Valid for: a year.
This is the only time analyze.nw-click.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.86.85.56 396982 (GOOGLE-CL...)
1 1 34.195.209.248 14618 (AMAZON-AES)
1 1 34.200.117.186 14618 (AMAZON-AES)
1 1 18.210.69.85 14618 (AMAZON-AES)
1 1 52.210.216.106 16509 (AMAZON-02)
21 2600:9000:206... 16509 (AMAZON-02)
9 172.64.145.193 13335 (CLOUDFLAR...)
10 23.22.5.68 14618 (AMAZON-AES)
1 8 54.167.80.156 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.206.97 16509 (AMAZON-02)
1 34.195.85.209 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2600:1f18:24e... 14618 (AMAZON-AES)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.226.153.18 16509 (AMAZON-02)
3 184.86.103.20 20940 (AKAMAI-ASN1)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 52.222.236.43 16509 (AMAZON-02)
1 18.66.147.29 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 34.246.28.68 16509 (AMAZON-02)
1 52.212.218.167 16509 (AMAZON-02)
2 44.237.43.91 16509 (AMAZON-02)
86 23
1    34.86.85.56 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.85.86.34.bc.googleusercontent.com
email.devotionaloftheday.com
1    34.195.209.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-209-248.compute-1.amazonaws.com
track.insight.devotionalcheckin.com
1    34.200.117.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-117-186.compute-1.amazonaws.com
wkwkero.com
1    18.210.69.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-69-85.compute-1.amazonaws.com
speedtrkzone.com
1    52.210.216.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-216-106.eu-west-1.compute.amazonaws.com
tracking.plpro.co
21    2600:9000:206f:c00:c:d509:13c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
analyze.nw-click.com
9    172.64.145.193 (United States)

ASN13335 (CLOUDFLARENET, US)
www.nerdwallet.com
10    23.22.5.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-5-68.compute-1.amazonaws.com
leadid.onthebarrelhead.com
8    54.167.80.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-80-156.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:6800:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
4    2606:4700:20::ac43:4aaa (United States)

ASN13335 (CLOUDFLARENET, US)
api.onthebarrelhead.com
1    52.222.206.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-97.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    34.195.85.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-85-209.compute-1.amazonaws.com
deviceid.trueleadid.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
4    2600:1f18:24e6:b901:82bf:7748:2922:b37f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    13.226.153.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-18.dus51.r.cloudfront.net
static.hotjar.com
3    184.86.103.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-20.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net
script.hotjar.com
1    18.66.147.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net
vars.hotjar.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.246.28.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-28-68.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    52.212.218.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-218-167.eu-west-1.compute.amazonaws.com
ws8.hotjar.com
2    44.237.43.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-43-91.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
21 nw-click.com
analyze.nw-click.com — Cisco Umbrella Rank: 675380
1 MB
14 onthebarrelhead.com
leadid.onthebarrelhead.com — Cisco Umbrella Rank: 529254
api.onthebarrelhead.com — Cisco Umbrella Rank: 589263
12 KB
10 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25908
cdn.trustedform.com — Cisco Umbrella Rank: 29116
42 KB
9 nerdwallet.com
www.nerdwallet.com — Cisco Umbrella Rank: 36960
59 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 789
vars.hotjar.com — Cisco Umbrella Rank: 916
in.hotjar.com — Cisco Umbrella Rank: 1656
ws8.hotjar.com — Cisco Umbrella Rank: 58877
70 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 379
12 KB
4 browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2895
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362
184 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
132 KB
3 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 872
97 KB
2 amplitude.com
api2.amplitude.com — Cisco Umbrella Rank: 1497
286 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
222 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
135 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668
351 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 15510
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 plpro.co
tracking.plpro.co — Cisco Umbrella Rank: 772108
2 KB
1 speedtrkzone.com
speedtrkzone.com — Cisco Umbrella Rank: 766674
873 B
1 wkwkero.com
wkwkero.com
308 B
1 devotionalcheckin.com
track.insight.devotionalcheckin.com — Cisco Umbrella Rank: 701658
467 B
1 devotionaloftheday.com
email.devotionaloftheday.com
721 B
86 21
Domain Requested by
21 analyze.nw-click.com analyze.nw-click.com
cdn.trustedform.com
10 leadid.onthebarrelhead.com analyze.nw-click.com
deviceid.trueleadid.com
9 www.nerdwallet.com analyze.nw-click.com
cdn.trustedform.com
8 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
analyze.nw-click.com
4 rum.browser-intake-datadoghq.com analyze.nw-click.com
4 maps.googleapis.com analyze.nw-click.com
maps.googleapis.com
4 api.onthebarrelhead.com analyze.nw-click.com
3 connect.facebook.net analyze.nw-click.com
connect.facebook.net
3 analytics.tiktok.com analyze.nw-click.com
analytics.tiktok.com
2 api2.amplitude.com analyze.nw-click.com
2 www.facebook.com analyze.nw-click.com
2 www.googletagmanager.com analyze.nw-click.com
www.googletagmanager.com
2 cdn.trustedform.com analyze.nw-click.com
api.trustedform.com
1 ws8.hotjar.com analyze.nw-click.com
1 in.hotjar.com analyze.nw-click.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net analyze.nw-click.com
1 tracking.plpro.co 1 redirects
1 speedtrkzone.com 1 redirects
1 wkwkero.com 1 redirects
1 track.insight.devotionalcheckin.com 1 redirects
1 email.devotionaloftheday.com 1 redirects
86 27
Subject Issuer Validity Valid
*.analyze.nw-click.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-07		 a year crt.sh
leadid.onthebarrelhead.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
onthebarrelhead.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 6 frames:

Primary Page: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Frame ID: 37314327834B59DF8A0285E1CD55580C
Requests: 72 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 8632255E5038AB9D6BAD7D9C5B52EB50
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: BFFD26CA6F3A15F56B6647B117717829
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 3349B165E49E7A135F7202B3D009BB00
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 1F4AC5908128DA8A0EE3CBE735ECE8C6
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/snapshot
Frame ID: FB5997BA9F35376EDFA4AA81428B4E98
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NerdWallet: Make all the right money movesNerdWalletNerdWallet

Page URL History Show full URLs

  1. http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQewMOCRalbdYLep4xt8AA2gw02p29q0y3F6uvFVyj0dA8JIQDDluG36l... HTTP 302
    http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao1c7uq3m3q4xh6jrwot81avqkdrgj4xmnzaazbbw1... HTTP 302
    http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-... HTTP 302
    https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-... HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939475... HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=Ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

86
Requests

98 %
HTTPS

37 %
IPv6

21
Domains

27
Subdomains

23
IPs

3
Countries

1855 kB
Transfer

6607 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQewMOCRalbdYLep4xt8AA2gw02p29q0y3F6uvFVyj0dA8JIQDDluG36ls9DuxtewQQggBSyDBEuIEjVoRCIKgiCDL-aoHSZ0w2BjHHMRmtRG1kXN6mR5SDFkiIB0FFN8iWIK6EeFIOMAPyPfcmpfWFv17o-5m0C-kbGw47mdT8r5VGS2_DT-sPiL9Lml_49znWtYw2BQzcHuQZB32HLqy3H9QkIpQ0b3jBW1sMcfsVE4Pi3LzaJ9eWJdxC3MNwwWs7Ee0WbW0FutAhhpkLWE4rtlxKytzlY7-RGJG67Rp9l1q4ravA9MITCaevZT8JG3zSlzezcNVUKYrK44K83iaY50z9urEOEDdzV-VzJ52wW9eaOb_QgoODJBDmFd4mdGSWbJnLvE55jLG25rg3FEW7wKLWi5ubOx2XOraxZoPKObhDdTWvxEhCQyj-DjgsxuDh4Noz1hXU6hOKFyLamudxWLujGyGRta5rbgtF08gFm1Ni6cIGLW6k20MrkcSh00dGpZ819PXn15NGWT5jDvJjd44XoTSApRi7nfBh_imE3nt_iaBEc-pd2UeTKM0R9N7EfXqnvjS7O3UEDTrd2IBmKwOMXWMST2lpKCPZN51Gg3iMc_4vMwzkKg HTTP 302
    http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao1c7uq3m3q4xh6jrwot81avqkdrgj4xmnzaazbbw1wqv275meiiy0ex7bonl9a1xviaquxxtu9jusrz2af2dzipok5t41qppa37w3g6nvkyxrv68bktewkhlajyhycaxdufm2keqg1ulu7kpq8506jl9jycbez7g3jppyu99w2m3nj16n68kd3qg2su8tixlxlpgufooy4hszq2oa4m1xdpw9hz9jeomyf4oyuh2xvbjsd5yup6hc67nnxkzn3nmhh3bs9ek885x24ev1a&eih=3ejs5f16cyyppu4x72gf9a8ltt8tw3h2mjf7q&dataset_code=2ATC&ocx_func_ir93made01xxhiqv1=1666031482 HTTP 302
    http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722 HTTP 302
    https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722&ckmguid=5717e01f-2ee6-4927-aa01-150689a37e9d HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939475&aff_sub4=1666031482-101722&aff_sub5= HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request personal-loan
analyze.nw-click.com/
Redirect Chain
  • http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQewMOCRalbdYLep4xt8AA2gw02p29q0y3F6uvFVyj0dA8JIQDDluG36ls9DuxtewQQggBSyDBEuIEjVoRCIKgiCDL-aoHSZ0w2BjHHMRmtRG1kXN6mR5SDFkiIB0FFN8iWIK6EeFIOMAP...
  • http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao1c7uq3m3q4xh6jrwot81avqkdrgj4xmnzaazbbw1wqv275meiiy0ex7bonl9a1xviaquxxtu9jusrz2af2dzipok5t41qppa37w3g6nvkyxrv68bktewkh...
  • http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722
  • https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722&ckmguid=5717e01f-2ee6-4927-aa01-150689a37e9d
  • http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939475&aff_sub4=1666031482-101722&aff_sub5=
  • https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId...
1 KB
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38a90e4f4ecd3208b29b98998e078ab123edd00110f374519fcaac46e912ef77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 17 Oct 2022 19:55:12 GMT
etag
W/"1f90c52f97fe3d7ac015d760ff2f25c5"
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id
O2XUuq8QBw8qXaoMQmsNkmf9dQH-Jpxg0kYIRXYfDeq_yOcqbzVw3A==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
588
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 17 Oct 2022 19:55:11 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
10263400073caedc675e8c4b2b825b
X-Request-Id
6dc8e282377ec961290ac72722c92d90
X-Robots-Tag
noindex, nofollow
Gotham-Medium--critical.ee5c613487.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Medium--critical.ee5c613487.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:12 GMT
x-amz-version-id
WGxNQy8mBtoftWr2HdFv7vIcvFCp7NaI
cf-cache-status
HIT
x-amz-request-id
ZMCFBE5MB9WD6AS5
age
1712575
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9436
x-amz-id-2
3xdltfOirxY6BkZEgAEedITY0922ufDjFF2zdguhBq0iGHxBHO4SVLetlYHbGUoJyXRFEM94SN4=
last-modified
Mon, 22 Mar 2021 20:57:27 GMT
server
cloudflare
etag
"ee5c6134876f0895658e48bb0bda8971"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972949399be6-FRA
x-nerd
Edge
Gotham-Book--critical.fdbad282be.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Book--critical.fdbad282be.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:12 GMT
x-amz-version-id
YqixNq.3i6.6M4vrHwt_2_NRU9maJc4k
cf-cache-status
HIT
x-amz-request-id
WGG5AVWY4N80AE9Q
age
425156
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9492
x-amz-id-2
WrkzF2jliGwmfipKMvswbaFkoLwB7IPPmucwLw1xH9v+nfo33HKC0Rc87pG6RKK8HueEWSBSeMQ=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"fdbad282bee3da1c38146487b9c2f412"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb9729493c9be6-FRA
x-nerd
Edge
Gotham-Bold--critical.dcf83fb890.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Bold--critical.dcf83fb890.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:12 GMT
x-amz-version-id
csXDMdMerAERSVKnyZV8Lz_tNycn6X8X
cf-cache-status
HIT
x-amz-request-id
BYJGDJ4YQAFYCD8H
age
4954047
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9112
x-amz-id-2
QWfrWSnRgGiSW2XJWr0C2LszlNuVZg8YsTyD6+e1HF+2WRNyiNPEPU642A2rNavubjOqjwg6zos=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"dcf83fb8902adcc5fd75fdf6da548573"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972949439be6-FRA
x-nerd
Edge
ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
www.nerdwallet.com/cdn/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:12 GMT
x-amz-version-id
hxLS9BBjDUYsoPEtm4oIowkdM_ODkcgf
cf-cache-status
HIT
x-amz-request-id
V3PWYSSFJY67C47J
age
2055652
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11012
x-amz-id-2
D0CSj5jV0wGn+3LHhZZMMRE3Lfs6UHYRL9dCR6ddEcOZAqSUYdb+73LbeGF1Dwd5sTHt8yDVt3g=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"2c31edcaf37bc7ca0ca1103d29b5f5f1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972949459be6-FRA
x-nerd
Edge
ChronicleDisplay-Roman--critical.835fdb1566.woff2
www.nerdwallet.com/cdn/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Roman--critical.835fdb1566.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:12 GMT
x-amz-version-id
TByrbO0kqrqPKmq32uLn3LcxEk8692TL
cf-cache-status
HIT
x-amz-request-id
ZMC6SEJ6ASAZD742
age
1712575
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=NnOyAh3OcpM9HVpkwEBHUU0d.XBhwQJzI8TNMNVSAOQ-1666036512-0-AVlQGESaLc2Fu7HPeEBPfqpZpcL8YeUNfOpLRTXQycjscz2KuRCusNVvkP4BYTEz5IOL5EfAX-owQUHiJFZKtEqfCmiSTMea5qB6Wn0Q0DCH; report-to cf-csp-endpoint
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10240
x-amz-id-2
vZxak62lP2Em7QUyuxVaPXGD21cFcNkHL+D4SSnFFMdpeKCD5ojYw2LITIDAD/BW5wb/N9YLfoc=
last-modified
Mon, 22 Mar 2021 20:57:28 GMT
server
cloudflare
etag
"835fdb1566f032e3c41742af1a1ebc3c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=NnOyAh3OcpM9HVpkwEBHUU0d.XBhwQJzI8TNMNVSAOQ-1666036512-0-AVlQGESaLc2Fu7HPeEBPfqpZpcL8YeUNfOpLRTXQycjscz2KuRCusNVvkP4BYTEz5IOL5EfAX-owQUHiJFZKtEqfCmiSTMea5qB6Wn0Q0DCH"}],"group":"cf-csp-endpoint","max_age":86400}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972949409be6-FRA
x-nerd
Edge
nerdwallet.fddd0e9f.css
analyze.nw-click.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.fddd0e9f.css
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5421dc0e3f4bff0e2f63bd5b0ef1de5eeefbca93253cebacca55a7847f95823f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
W/"d698d768548a88516a778635bae28b7d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
9un1-AJKJCn24nG5FsvYrHw9KQoKITEHpDcJuxvjt6AJTYzWqLpOzQ==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:12 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Mon, 10 Oct 2022 14:42:35 GMT
server
cloudflare
etag
"63442f5b-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bb972b4be59113-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
nerdwallet.b70d6938.js
analyze.nw-click.com/ 		4 MB
965 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.b70d6938.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b5c1ca37e9516661f3389aa8e7a0605d17c9102482a75398864017093ccf107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
W/"d30970fb844b55ae95cf3bae9ea5081b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
xYNazYhFIRZLCO7vn6i-XnAxYkZkyHAfBNDh9fnjf1GJFTE5GJYsEQ==
GenerateToken
leadid.onthebarrelhead.com/2.11.9/ 		36 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/GenerateToken?msn=1&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&_=920729620
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
cf5559cc6769cc8d807eeda95b071ef56cea8f3b3ba8cc66d219abd2ad2a931f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
56
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Server
2600:9000:223d:6800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
to7EtxbNw4wTQ51GTUC55F9UIeZCxiGL
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"ba4b583161aee0d60d41a21495f9f7f2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
PcoyVc_U7PoFIujJk3822tbtRYHkvCwO0nZWDbiDyl_NgC4hMrD01g==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false
date
Mon, 17 Oct 2022 19:55:12 GMT
server
awselb/2.0
content-length
134
content-type
text/html
session
api.onthebarrelhead.com/api/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de10f106076d34e121db9d4b9f2b2d667f3fb6e8a68b4c6d197c96186c710e5b

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPpfF3F1HYoYCbQsElrGu%2F0l%2FAxJVKijXrFLyyGB50qDfwBIsnyFF2W0SbZGcjGPe6KOHIjKTFNxvrf9LiQv21I53Wm1D27oiN5d%2FGlTUSskY0n4%2FjHr%2BenASTSPWBFO7IHGnmyG2NiDJbB0dYF7%2BbiJAwz5"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
75bb972f4821996c-FRA
session
api.onthebarrelhead.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75bb972ddcb5996c-FRA
date
Mon, 17 Oct 2022 19:55:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHUiSqBe%2FHMr%2Bx%2FSF4mn9xd%2FU61RL01leDZjzdK4wtM3pvWhHMY1%2Fl0zFrXeTLz7pYv5L9Dzr9m0%2F8RqawSB2NTteGAdtc6izyU1%2FdWBNe1w%2FA33JaduWK8YXHxWvrb3xXSbGakRhBnqtlrNqdoy3r3ILiLI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
1f2572bb-e649-49f1-bac0-be647e0671f4
https://analyze.nw-click.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://analyze.nw-click.com/1f2572bb-e649-49f1-bac0-be647e0671f4
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
25754
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 8632 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-97.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
62050
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 17 Oct 2022 02:41:03 GMT
ETag
W/"63472048-dbb"
Last-Modified
Wed, 12 Oct 2022 20:15:04 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id
BsXNIG_UmeU9XRpzxZVJRPE9GOqBanBqRVkH9AiuY8rOMkKztPfWIA==
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Hit from cloudfront
SaveDom
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDom?msn=2&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729621
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
5
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame BFFD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.85.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-85-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Mon, 17 Oct 2022 19:55:13 GMT
etag
W/"632c7ff9-1049"
expires
Tue, 18 Oct 2022 19:55:13 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=3&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729622
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
8
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10c441f77f0e082ecc45675ee120f3ec2075e5399d276ef9791e733374b8e30d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69279
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 19:55:13 GMT
js
maps.googleapis.com/maps/api/ 		169 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
deaf4755d9da347b937b7b0ca90f0c5b811f380f4f9386b3ba081f73e5dec1e5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=22
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56573
x-xss-protection
0
expires
Mon, 17 Oct 2022 20:25:13 GMT
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
Lm58qz-5rRpdecdIgsTOrahkPahJHTuGacJvYWWY5s9jIZtZmSXqUg==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
ddaqUBQImmuqrNUiLo2Pn-YUFxazMiVfVQw3UIIC-Rc4Z76--MKQOA==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
V_tyQBHkURXj56NIKfy-_sabzfdmHV3Bahm2anDZBi2fMyuv0dIbWQ==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
RXgjvvV1nyRfB-rtvE-jzBH7ejjBMOwaSSGFHMMpPaQ63hx38ErLdA==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
29_KpQIZ9MG7_tjNQbTkouZwvVztEafQtJgl0bIqMpIEZTfxyXOwDA==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
mTDdK9RcQ1UNe_ezkJPq03WrdgCeE_43wxdejAvieti6qAx4MTjK_w==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
X06xRZp0UPsKVipFpd1CbJBL1JCbwcg8c2FpJhOFASIGCvJv6shtng==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
zSSioCkH8tLTjvn_w5jzOoJQq--j9i-_YbfC5eeg_i0czxyn6Neu3Q==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
un8uHq4JoECX2N3wE7MNuHT9Byo84L0DQ521IE7iWm7NEe-Y5pwl1g==
events
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75bb97319ce8996c-FRA
date
Mon, 17 Oct 2022 19:55:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0%2FesxOSNF35eHXLNNL%2BE7BQF%2Fs5bqJHSNp3DfbPMGVNUo8tIKlYwFRb4QBmH4bUHzKt8i%2F0232lk3EtcfRWkY71%2F0da8vkq3g5CySRI6udTMetRV%2F65Mv6aG89%2Ffl4WxHwch8kezlTYV7n1EkFAapKLXLsc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
events
api.onthebarrelhead.com/api/v1/session/ 		150 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558cd598045dc045b0b77d8d36dae3cc0cbc236f61b4f34bc1df1cfe07725552

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI0YzdhMjY2MzRiYzY0YWM4ODljMDEyNzE4NGI3MDQ1YSIsImlhdCI6MTY2NjAzNjUxMywiZXhwIjoxNjY2MTIyOTEzLCJ2IjoiMiIsInN1YiI6Njg5MTkzMjZ9.JYesbkAHAotI_aJAmYJcZb9FDY00gsVEi3Gt696MIok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdL7BuCkMu27CX3nOgNUPWlTl2LYkn0GSRDzDv7ccP%2BrKKs9SDhoDw92WfBHPsn0xJCr3JKV9wAX2kQr8PiOJotLkVJeZT%2BNzOBnvXsZXXo4nzJXTbiaD0u%2FK%2FxvY0im%2F6xWljFZvYYh%2FMpUqoK%2BU1c0NtyP"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
75bb9732cfc3996c-FRA
content-length
150
query0
www.nerdwallet.com/api/ 		51 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/query0
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb9e9fef68b5e9d72ae30f7a82d7d8aba8034672cd49059ffd4d9ed64dcc24ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
X-Caller-Client-ID
analyze
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Client-Platform
web
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=UCE2s0047xRE2M.0zAq1QQZZB5IOh_kzb5t1Cs7zVMk-1666036514-0-AcJeKoXkkg8RV1KDJZA3zGB103y3ojh_mteMIsdKTX67asEA2Fre771SIz6XE5kZzvmzsHf0r4-Pe9nVBwo6gS0RE02DZ02p-pPjIpCpkNlK; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
server
cloudflare
etag
W/"33-s5cngptRtWdwa40P6GTKLptVFug"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UCE2s0047xRE2M.0zAq1QQZZB5IOh_kzb5t1Cs7zVMk-1666036514-0-AcJeKoXkkg8RV1KDJZA3zGB103y3ojh_mteMIsdKTX67asEA2Fre771SIz6XE5kZzvmzsHf0r4-Pe9nVBwo6gS0RE02DZ02p-pPjIpCpkNlK"}],"group":"cf-csp-endpoint","max_age":86400}
cf-ray
75bb97334fa69211-FRA
x-nerd
Edge
query0
www.nerdwallet.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/query0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-caller-client-id,x-client-platform
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-caller-client-id,x-client-platform
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75bb97319ec59be6-FRA
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=WSomSWxAtMxbVEjOsalg5sg.5YXU7IMSy0Rpy0ZxVEw-1666036513-0-AWm5uPFGia3cCBJnNP1CgdON4ge_bWFFEAE3dQk3fxC15gYq7BvWipjk3YKx-xgDNX8abiDNgm4zPIx55UL2i5YHauibhtnGM0vzXQ09a4EU; report-to cf-csp-endpoint
date
Mon, 17 Oct 2022 19:55:13 GMT
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=WSomSWxAtMxbVEjOsalg5sg.5YXU7IMSy0Rpy0ZxVEw-1666036513-0-AWm5uPFGia3cCBJnNP1CgdON4ge_bWFFEAE3dQk3fxC15gYq7BvWipjk3YKx-xgDNX8abiDNgm4zPIx55UL2i5YHauibhtnGM0vzXQ09a4EU"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers, Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nerd
Edge
x-xss-protection
1; mode=block;
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=7120afa9-22a9-46bc-bdec-8c39c902532a&batch_time=1666036513588
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
SaveDeviceId.js
leadid.onthebarrelhead.com/2.11.9/ Frame BFFD 		0
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDeviceId.js?lac=22813350-8774-3000-19AC-FC31C47988BB&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&methods=48&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&uuid=36d0d7a41a7a4fbabc67b632614d8c18
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 19:55:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
5
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 17 Oct 2022 19:55:13 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ECDFD13F8A50467C8E13E1C661D51C36 Ref B: FRAEDGE1421 Ref C: 2022-10-17T19:55:13Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
hotjar-542041.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-542041.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-18.dus51.r.cloudfront.net
Software
/
Resource Hash
7e6c865ab64d2cd8c6bc7faf32005647387728a6510bd27d097131aa3beae88a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/528a80df8aad59bf3701a7574102ead2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
LiyYlRKy0_6Y4zlmiC6TFha8DB96R9PmniZyjIvb3D3Cioi2XeTyJg==
events.js
analytics.tiktok.com/i18n/pixel/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ce6bc560b05dfbd3518479bfe62f74f38a38939bc9bac10033160a3b589a86ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
2bdb1c93
date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=15, origin; dur=100
content-length
990
pragma
no-cache
server
nginx
x-tt-logid
20221017195513304D96B9096C7D400282
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,184.86.102.20
x-tt-trace-host
015542167bf09f2a0166cb5a722c5818445ba43d86e883a8bcd18c302fea4480f72977cac8a91fc258a12a5de90412e59071bb0fecab0eec4f236f7ed14be6402b6c579757cf3e1ebdaf9dd4bd4e7700e5
expires
Mon, 17 Oct 2022 19:55:13 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f532f9adcd2ea8f21a7ea3e6a7bd46f4f5839a1aec93a35ea93bd7e17201a441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67982
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 19:55:13 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eHY4/ZnKkD1q5LVnB5TKZa4meI1W4OeJMIii+WlRtr62CE8qWWwNfuE7g59eD/9eu9OoBGYtv1n31W88yD9zAw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YIbcBNgvSyP4WrC+ySG6pjc5JHEP7Yp+R6/NntWsdzntT+O13VL59VJInYFNwrkpJT8v4CRFCOi0jMHzPv4T6w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
145605262667436
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/145605262667436?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f2918a3837e166689fe62eae82565780f8e4e447790a9cf643e36f3817cf3d1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
46Jft7YJqqSPxO/TCIHBjsrKVfufLgiVf42dybv/nqM+2fAufkQRtac5r4qpY/FF7KA3tbFWD9m3go3sZLRIYw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X4363VV9ZN&gtm=2oeaa0&_p=934327443&cid=1468283434.1666036514&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666036513&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939475%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D10263400073caedc675e8c4b2b825b%26hoOfferId%3D99&dt=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 19:55:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyze.nw-click.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.db0fd5db80f832174879.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.db0fd5db80f832174879.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-43.fra56.r.cloudfront.net
Software
/
Resource Hash
10e59eebc56bdd8afae70a6ed3187b25317a7a8993374b539fa45b8277443274
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
40387
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66081
last-modified
Mon, 17 Oct 2022 08:41:52 GMT
etag
"5278d8852118d6fae8702063aa272573"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
f9fYuSIHx8WPddmPROXBTrFnGIbFCu1bz7-jHpDpz2qJ8i0uQCwrxA==
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=4&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729623
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 3349 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-29.fra60.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1160826
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-cf-id
xMnFBkwI-13ZrXOyKYuYEI3jLeLspNkD3ZP7WfZuDwQAhGYC0cbIhw==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=12892204-aa8b-48c2-88e6-df4c03e8afaa&batch_time=1666036513947
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
main.Mi4wLjAuNTZfMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		336 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
2bdb22c0
date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202210111320017856E2A8DA4E6B2158AF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01c92c41b98df5c6d4b2df48227384b0ce747217b81816add7bebee464d71630c6ffbf8d7a694154114a7f6e7961b0e26a864e4f440f3bd01105d5524e80e3a9effa9511dc3fa3707e8b4493bf637a4f6b
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
96859
5715165.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5715165.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 17 Oct 2022 19:55:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D12D10E155424AABA7A3403642E04629 Ref B: FRAEDGE1421 Ref C: 2022-10-17T19:55:14Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=f0df2b57-38cd-4ef7-a7d9-ebbd90ae4efe&sid=9d8eb6304e5511ed99c6bfb06361af53&vid=9d8eb8b04e5511ed9595a3fe4d4dfa90&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939475%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D10263400073caedc675e8c4b2b825b%26hoOfferId%3D99&r=&lt=2734&evt=pageLoad&sv=1&rn=428961
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 19:55:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 90F95BA83AD747E3B40B06FF6E808D6B Ref B: FRAEDGE1421 Ref C: 2022-10-17T19:55:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=PageView&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939475%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D10263400073caedc675e8c4b2b825b%26hoOfferId%3D99&rl=&if=false&ts=1666036514106&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666036514105.903051829&it=1666036513790&coo=false&rqm=GET
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 19:55:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
visit-data
in.hotjar.com/api/v2/client/sites/542041/ 		148 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/542041/visit-data?sv=7
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.28.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-28-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
pixel
analytics.tiktok.com/api/v2/ 		0
547 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 19:55:14 GMT
x-akamai-request-id
2bdb27ec
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20221017195514192086A1AB62C540C4CD
x-cache
TCP_MISS from a184-86-102-20.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,184.86.102.20
x-tt-trace-host
015542167bf09f2a0166cb5a722c5818445ba43d86e883a8bcd18c302fea4480f758aa87b3ddf8c57888ff94d2cff2aa50994afb39ff4b2b13332b64788a228465b1a00532dda256e0262be65e7e05799e
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=6, origin; dur=99
content-length
0
expires
Mon, 17 Oct 2022 19:55:14 GMT
certs
api.trustedform.com/ Frame 1F4A 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
270bbfb18c2b0cb47b591af167e5d5e38596785ae091ad8a596dc4a7d21c1432

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
content
ws8.hotjar.com/api/v2/sites/542041/recordings/ 		66 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws8.hotjar.com/api/v2/sites/542041/recordings/content
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.218.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-218-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0a958d7fcd7d95f4d0357c023623f3f3b5a789a9f7bcaa9ee55a90ac9bf52732

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
httpapi
api2.amplitude.com/2/ 		94 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.43.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-43-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
300e390ceb53bef2b5375957c35f14dcff4326fab210a594fcf48ffabae5fe2a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:15 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-634db323-21b1517138e60e1641846722
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.43.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-43-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Mon, 17 Oct 2022 19:55:15 GMT
strict-transport-security
max-age=15768000
trustedform-1.8.29.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.29.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365125110.33837973047415115&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:6800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
oPelQ0fGWdbo7iDIXPghW4XZAnyuy5Ov
content-encoding
gzip
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 19:54:51 GMT
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
24
etag
W/"05c5bc479b5cc70fc03787ab4e8d8dec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6QLvByK9LhJaDOFMhbgF6SGC6WKYHtjoHfPUvz2kG3BQzi4Ay1EVsg==
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=dc5912bd-4641-48f0-b5ce-2c6cfbe1aa5c&batch_time=1666036514735
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
snapshot
api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/ Frame FB59 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
fZhesQTXMjK0AiOTqWm3Rwkwrij9B_yiYyO2bnhC0uYxo_BybUhHLw==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
f-tCUZXZubUh94Jp-f4fN_5QwXm5bfxYjLlT-BmRpba57zKKiQvLlA==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
dfoKD6WvJSb_yvELehAYI7eV9N-Jx50-gagvlJbT8foW8tuvoY1VAg==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
lmlREvNLG1otRGBepkRkEZ6p8rN6x_qITLlbL8CnBDT4q1UeGBsWKw==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
Fh4paMyAhTA6-VIyLVCqSgti6P72KFP48iJHNeNg9Fl1Y0lluTKujg==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
g9cOKdBE7ZquUfIk90RQ6eTkwrcJD6Bnslu1n6lCq0vExmhdOwkgZw==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
mLveShlKiWEVZzhOw22Aboajd2JYCy_N6IGruWc4magxMFO6QCERxA==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
6nGI7If6S8cy-BfOoXhDpOxU1HD4Wzqcnh9Y6IlS3uPLCd-M0LDyrw==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939475&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=10263400073caedc675e8c4b2b825b&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
8kxil5UcSU4npYscb9Ru20VGkfi5vHazycH7dZKnrf2kxHt-Qyclmw==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Mon, 10 Oct 2022 14:42:35 GMT
server
cloudflare
etag
"63442f5b-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bb9739cc0a9956-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprints
api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/ Frame FB59 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
0
bat.bing.com/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=f0df2b57-38cd-4ef7-a7d9-ebbd90ae4efe&sid=9d8eb6304e5511ed99c6bfb06361af53&vid=9d8eb8b04e5511ed9595a3fe4d4dfa90&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939475%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D10263400073caedc675e8c4b2b825b%26hoOfferId%3D99&r=&lt=2734&evt=pageLoad&sv=1&rn=428961
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 19:55:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 27B64F507A62456C861CFF40192AB688 Ref B: FRAEDGE1421 Ref C: 2022-10-17T19:55:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
text/javascript
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=5&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729624
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
5
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=Microdata&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939475%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D10263400073caedc675e8c4b2b825b%26hoOfferId%3D99&rl=&if=false&ts=1666036515609&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NerdWallet%3A%20Make%20all%20the%20right%20money%20moves%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666036514105.903051829&it=1666036513790&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=c0bb8923-a5ff-46b7-9501-597bf09c3134&batch_time=1666036515664
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
events
api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/ Frame FB59 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:15 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
events
api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/ Frame FB59 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
events
api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/ Frame FB59 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:17 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=6&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729625
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
8
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=7&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729626
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
14
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=8&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729627
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=9&pid=ea931bd2-b42e-4c63-a53b-c903d47af70a&token=C1F55716-3085-8FD0-2209-1060E3BBBDDC&_=920729628
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-5-68.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
9
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/ Frame FB59 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/4a41e99260b465c21959218545f4d2038f15c34c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:18 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
common.js
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69614
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61951
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime object| LeadiDconfig object| LeadiD object| DD_RUM function| parcelRequire object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| analyticsConnectorInstances object| dataLayer object| google_tag_manager object| google_tag_data object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| label string| id boolean| sensitiveData function| UET function| UET_init function| UET_push object| ueto_db880bf11f object| uetq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

26 Cookies

Domain/Path Name / Value
.speedtrkzone.com/ Name: st
Value: bGnjmtLqfmHJpvZZuN4y6RoWnya5eWLf/qX/07kw0mmZeWBNEkNmZA==
.speedtrkzone.com/ Name: tib
Value: kR2gFptLk/7E1cpez61MfxoWnya5eWLf/qX/07kw0mmZeWBNEkNmZA==
.speedtrkzone.com/ Name: c31497
Value: bGnjmtLqfmEKJnXvJMhTrXpdMsTIew4Qdp203kgjPkcTH8HpcHUPmQ==
.www.nerdwallet.com/ Name: __cf_bm
Value: ncJR1Xajbtj0U6lbT52pXqHHeR_k8ZqgQfrZC3CAxXo-1666036512-0-AUNlWxXKhyLT5iAQYAW71NV6C+KNCwZnObytkgoPFdfw+EByI0lxchAAZdB0FPaubGVEt30xeyoMIHy6EBFYTFBC73b3sRwY5YTpCmp6pxy/
.www.nerdwallet.com/ Name: __cfruid
Value: 1a910c0fe47d3c7815d2fbb724008dd746a3fc25-1666036512
analyze.nw-click.com/ Name: leadid_token-22813350-8774-3000-19AC-FC31C47988BB-6A646C57-A079-2DAF-11AA-FA12E35CE4D2
Value: C1F55716-3085-8FD0-2209-1060E3BBBDDC
.nw-click.com/ Name: AMP_38544bdf07
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjQyZGM4YjY0LTE2NzAtNDg2NC1iYmU0LTA5MzJjNGExNDBiYyUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjY2MDM2NTEzNTIxJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY2NjAzNjUxMzM3OCUyQyUyMnVzZXJJZCUyMiUzQSUyMmQ3NjkyMzgwMDViNzRiMTE5OTE0Yjg2NTY4ODBhMDQzJTIyJTdE
.deviceid.trueleadid.com/ Name: uuid
Value: 36d0d7a41a7a4fbabc67b632614d8c18
.nw-click.com/ Name: _gcl_au
Value: 1.1.1155083393.1666036514
.nw-click.com/ Name: _ga_X4363VV9ZN
Value: GS1.1.1666036513.1.0.1666036513.0.0.0
.nw-click.com/ Name: _ga
Value: GA1.1.1468283434.1666036514
.bing.com/ Name: MUID
Value: 07E66C0E7620622A0A237E4E774B6330
.nw-click.com/ Name: _uetsid
Value: 9d8eb6304e5511ed99c6bfb06361af53
.nw-click.com/ Name: _uetvid
Value: 9d8eb8b04e5511ed9595a3fe4d4dfa90
.nw-click.com/ Name: _fbp
Value: fb.1.1666036514105.903051829
.nw-click.com/ Name: _hjSessionUser_542041
Value: eyJpZCI6Ijc2YzQzOWU0LTFlMTItNTNiMi1iYjllLTZkZTA1Njg4NzliYiIsImNyZWF0ZWQiOjE2NjYwMzY1MTQwNzUsImV4aXN0aW5nIjpmYWxzZX0=
.nw-click.com/ Name: _hjFirstSeen
Value: 1
analyze.nw-click.com/ Name: _hjIncludedInSessionSample
Value: 1
.nw-click.com/ Name: _hjSession_542041
Value: eyJpZCI6ImRhNWNiYzViLTQyZTUtNGVhOS05YjUyLTgxZDVhMjEwM2FmZiIsImNyZWF0ZWQiOjE2NjYwMzY1MTQxMjYsImluU2FtcGxlIjp0cnVlfQ==
.nw-click.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.nw-click.com/ Name: _tt_enable_cookie
Value: 1
.nw-click.com/ Name: _ttp
Value: a8a2c1cc-5d6d-4d41-828a-5f16d8314a9d
www.nerdwallet.com/ Name: AWSALBTGCORS
Value: tWE6DlhGgLTfMuD4PVGHleaf7KlJ9g0vWiR8c5iU22LMNQpYfxl8emgwfyUSOA5WaajvLuBGISvj4g2d5HF+lWb4hnwKnv1j9gyvDxaPYDc3n7qlIoto/cBLEU0ovCYeOl0wMIrlzJSdN0GWcqVadkqW5fLp3VSnpYmC4aTGaoZF
www.nerdwallet.com/ Name: AWSALBCORS
Value: JFAc7EZ7NO2mX9InVRlYe2mPJoucZLkt4HdjRKZFqWoOuhW5pLkearNa4Q0ReAxjStj3zv2sKPilGJOrhPwkCOuX8IYaDwlw0AcsodEq/nBOzYvUb68g8ZshNMlu
.nw-click.com/ Name: AMP_MKTG_38544bdf07
Value: JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMkRBJTIyJTJDJTIydXRtX21lZGl1bSUyMiUzQSUyMmFmZmlsaWF0ZSUyMiUyQyUyMnV0bV9jYW1wYWlnbiUyMiUzQSUyMjQyNTc1JTIyJTdE
analyze.nw-click.com/ Name: _dd_s
Value: rum=1&id=7da51a02-ea02-47fe-9f59-614598aa0fe2&created=1666036512816&expire=1666037412816

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analyze.nw-click.com
api.onthebarrelhead.com
api.trustedform.com
api2.amplitude.com
bat.bing.com
cdn.trustedform.com
connect.facebook.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
email.devotionaloftheday.com
in.hotjar.com
leadid.onthebarrelhead.com
maps.googleapis.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
script.hotjar.com
speedtrkzone.com
static.hotjar.com
track.insight.devotionalcheckin.com
tracking.plpro.co
vars.hotjar.com
wkwkero.com
ws8.hotjar.com
www.facebook.com
www.googletagmanager.com
www.nerdwallet.com
13.226.153.18
172.64.145.193
18.210.69.85
18.66.147.29
184.86.103.20
2001:4860:4802:34::36
23.22.5.68
2600:1f18:24e6:b901:82bf:7748:2922:b37f
2600:9000:206f:c00:c:d509:13c0:93a1
2600:9000:223d:6800:1c:7f1a:6680:93a1
2606:4700:20::ac43:4aaa
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a00:1450:4001:82b::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.195.209.248
34.195.85.209
34.200.117.186
34.246.28.68
34.86.85.56
44.237.43.91
52.210.216.106
52.212.218.167
52.222.206.97
52.222.236.43
54.167.80.156
0a958d7fcd7d95f4d0357c023623f3f3b5a789a9f7bcaa9ee55a90ac9bf52732
10c441f77f0e082ecc45675ee120f3ec2075e5399d276ef9791e733374b8e30d
10e59eebc56bdd8afae70a6ed3187b25317a7a8993374b539fa45b8277443274
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc
270bbfb18c2b0cb47b591af167e5d5e38596785ae091ad8a596dc4a7d21c1432
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269
300e390ceb53bef2b5375957c35f14dcff4326fab210a594fcf48ffabae5fe2a
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11
38a90e4f4ecd3208b29b98998e078ab123edd00110f374519fcaac46e912ef77
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082
5421dc0e3f4bff0e2f63bd5b0ef1de5eeefbca93253cebacca55a7847f95823f
558cd598045dc045b0b77d8d36dae3cc0cbc236f61b4f34bc1df1cfe07725552
5f2918a3837e166689fe62eae82565780f8e4e447790a9cf643e36f3817cf3d1
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
7e6c865ab64d2cd8c6bc7faf32005647387728a6510bd27d097131aa3beae88a
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
9b5c1ca37e9516661f3389aa8e7a0605d17c9102482a75398864017093ccf107
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9e9fef68b5e9d72ae30f7a82d7d8aba8034672cd49059ffd4d9ed64dcc24ae
ce6bc560b05dfbd3518479bfe62f74f38a38939bc9bac10033160a3b589a86ce
cf5559cc6769cc8d807eeda95b071ef56cea8f3b3ba8cc66d219abd2ad2a931f
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c
de10f106076d34e121db9d4b9f2b2d667f3fb6e8a68b4c6d197c96186c710e5b
deaf4755d9da347b937b7b0ca90f0c5b811f380f4f9386b3ba081f73e5dec1e5
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f532f9adcd2ea8f21a7ea3e6a7bd46f4f5839a1aec93a35ea93bd7e17201a441