urlscan.io logo urlscan.io
SecurityTrails logo

analyze.nw-click.com Open in urlscan Pro
2600:9000:223d:b800:c:d509:13c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.devotionaloftheday.com/c/eJxFkjmO3DAQRU_THQpctJBBBwMbcwLnDe6UxKVJURSl01uT2EBFhfcfUIWvXnAcR4BhT_BTvnqlOXnOLwQQggBOkGCIcA...
Effective URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditio...
Submission: On October 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 22 domains to perform 80 HTTP transactions. The main IP is 2600:9000:223d:b800:c:d509:13c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is analyze.nw-click.com. The Cisco Umbrella rank of the primary domain is 675380.
TLS certificate: Issued by Amazon on August 25th 2022. Valid for: a year.
This is the only time analyze.nw-click.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.86.85.56 396982 (GOOGLE-CL...)
1 1 18.214.171.162 14618 (AMAZON-AES)
1 1 34.200.117.186 14618 (AMAZON-AES)
1 1 18.210.69.85 14618 (AMAZON-AES)
1 1 52.210.123.14 16509 (AMAZON-02)
21 2600:9000:223... 16509 (AMAZON-02)
9 172.64.145.193 13335 (CLOUDFLAR...)
8 54.237.159.171 14618 (AMAZON-AES)
1 5 54.167.80.156 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.206.49 16509 (AMAZON-02)
1 3.232.143.48 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2600:1f18:24e... 14618 (AMAZON-AES)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.97.37 16509 (AMAZON-02)
3 184.86.103.17 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 52.222.236.63 16509 (AMAZON-02)
1 18.66.147.29 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 18.66.112.19 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 44.240.84.34 16509 (AMAZON-02)
80 22
1    34.86.85.56 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.85.86.34.bc.googleusercontent.com
email.devotionaloftheday.com
1    18.214.171.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-171-162.compute-1.amazonaws.com
track.insight.devotionalcheckin.com
1    34.200.117.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-117-186.compute-1.amazonaws.com
wkwkero.com
1    18.210.69.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-69-85.compute-1.amazonaws.com
speedtrkzone.com
1    52.210.123.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-123-14.eu-west-1.compute.amazonaws.com
tracking.plpro.co
21    2600:9000:223d:b800:c:d509:13c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
analyze.nw-click.com
9    172.64.145.193 (United States)

ASN13335 (CLOUDFLARENET, US)
www.nerdwallet.com
8    54.237.159.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-159-171.compute-1.amazonaws.com
leadid.onthebarrelhead.com
5    54.167.80.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-80-156.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:fc00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
4    2606:4700:20::ac43:4aaa (United States)

ASN13335 (CLOUDFLARENET, US)
api.onthebarrelhead.com
1    52.222.206.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-49.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    3.232.143.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-143-48.compute-1.amazonaws.com
deviceid.trueleadid.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
4    2600:1f18:24e6:b900:fb83:38c3:54ee:f548 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
static.hotjar.com
3    184.86.103.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-17.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
1    18.66.147.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net
vars.hotjar.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net
vc.hotjar.io
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    44.240.84.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-84-34.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
21 nw-click.com
analyze.nw-click.com — Cisco Umbrella Rank: 675380
1 MB
12 onthebarrelhead.com
leadid.onthebarrelhead.com — Cisco Umbrella Rank: 529254
api.onthebarrelhead.com — Cisco Umbrella Rank: 589263
10 KB
9 nerdwallet.com
www.nerdwallet.com — Cisco Umbrella Rank: 36960
59 KB
7 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25908
cdn.trustedform.com — Cisco Umbrella Rank: 29116
41 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 379
12 KB
4 browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2895
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362
184 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
132 KB
3 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 872
98 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 789
vars.hotjar.com — Cisco Umbrella Rank: 916
69 KB
2 amplitude.com
api2.amplitude.com — Cisco Umbrella Rank: 1497
287 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
222 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
135 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2195
259 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668
351 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 15510
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 plpro.co
tracking.plpro.co — Cisco Umbrella Rank: 772108
2 KB
1 speedtrkzone.com
speedtrkzone.com — Cisco Umbrella Rank: 766674
873 B
1 wkwkero.com
wkwkero.com
308 B
1 devotionalcheckin.com
track.insight.devotionalcheckin.com — Cisco Umbrella Rank: 701658
467 B
1 devotionaloftheday.com
email.devotionaloftheday.com
721 B
80 22
Domain Requested by
21 analyze.nw-click.com analyze.nw-click.com
cdn.trustedform.com
9 www.nerdwallet.com analyze.nw-click.com
cdn.trustedform.com
8 leadid.onthebarrelhead.com analyze.nw-click.com
deviceid.trueleadid.com
5 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
analyze.nw-click.com
4 rum.browser-intake-datadoghq.com analyze.nw-click.com
4 maps.googleapis.com analyze.nw-click.com
maps.googleapis.com
4 api.onthebarrelhead.com analyze.nw-click.com
3 connect.facebook.net analyze.nw-click.com
connect.facebook.net
3 analytics.tiktok.com analyze.nw-click.com
analytics.tiktok.com
2 api2.amplitude.com analyze.nw-click.com
2 www.facebook.com analyze.nw-click.com
2 www.googletagmanager.com analyze.nw-click.com
www.googletagmanager.com
2 cdn.trustedform.com analyze.nw-click.com
api.trustedform.com
1 vc.hotjar.io analyze.nw-click.com
1 region1.google-analytics.com www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net analyze.nw-click.com
1 tracking.plpro.co 1 redirects
1 speedtrkzone.com 1 redirects
1 wkwkero.com 1 redirects
1 track.insight.devotionalcheckin.com 1 redirects
1 email.devotionaloftheday.com 1 redirects
80 26
Subject Issuer Validity Valid
*.analyze.nw-click.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-07		 a year crt.sh
leadid.onthebarrelhead.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
onthebarrelhead.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.hotjar.io
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 6 frames:

Primary Page: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Frame ID: E88AC1025ED56E45C6111AE3A845E4FC
Requests: 69 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=81189091-1874-2770-4DD2-F030576CD53F&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: D342298E643FEA345D34D3F6D7A988A4
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=81189091-1874-2770-4DD2-F030576CD53F&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 3F93AE972B124644703DD858D3F8D5F2
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: FF45F7C9A9869AB9FEFEBA7DA65A79AF
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 2F8F0885CB483CA5B59D630D78EA83AF
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/snapshot
Frame ID: 1276B1CCB4D49EF49CACCDED72F8F0EE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NerdWallet: Make all the right money movesNerdWalletNerdWallet

Page URL History Show full URLs

  1. http://email.devotionaloftheday.com/c/eJxFkjmO3DAQRU_THQpctJBBBwMbcwLnDe6UxKVJURSl01uT2EBFhfcfUIWvXnAcR4BhT_BTvn... HTTP 302
    http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao2alz9mqmqenb3urukfzligxntcuoqh9antqrxu7j... HTTP 302
    http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-... HTTP 302
    https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-... HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939480... HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=Ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

80
Requests

98 %
HTTPS

38 %
IPv6

22
Domains

26
Subdomains

22
IPs

3
Countries

1852 kB
Transfer

6607 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.devotionaloftheday.com/c/eJxFkjmO3DAQRU_THQpctJBBBwMbcwLnDe6UxKVJURSl01uT2EBFhfcfUIWvXnAcR4BhT_BTvnqlOXnOLwQQggBOkGCIcAc1luMEAZvkiCChjx5IVWOZY2Au6mKVZGcnon_aF2A9FQpwQAFhXE1Each7oqhAHEswPd3LlvJ54K8H-r6nZCbWbg7bbGzp_muFVWKdw4_1B8TfrbgH_l31-Wl6LgGDJQdRI1dXGMLnWrk0LCLmLuqTTypwvOd91ZebTQtF7DFZykJJue3T0hIFhjjN5rQKDFQie-s1TLaKWHiZM65Tj06BVraRQtzEG5MhMhhaOPyirslCXMFJI7F1AZcT0Qz44nAbgK-lJnQSbYxVpj8-DB27GbKKcE0tHU4YvhbmG7UAJeaM8zEfVwLr0OTuBPMVLJaWBd1nNOZ6tEpwyjPh0XsXJJETG21WmB3G45BvsxV9cKdeSWvzTta0-bxt1g4UPNCoZns_DqtlGzQcxXl-PnvfJmQ0ZcSVQsqBLfKLntJNS1bYpspbRKnuGPr68-veRtHeeg_iPWeKPZMKwNbsnCq8mX8VQs_8OliQrKsqy_muSRR2Cyp3MZtnebUuL1VF0KG66A50qXEYh84WWorvJjLuazcoxNnduGX9C6825Yg HTTP 302
    http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao2alz9mqmqenb3urukfzligxntcuoqh9antqrxu7jxq90g8lfaiqkc30eq8ux4f1qhvcotbtir3v742yc2kas8t8l7bxadnoa1nxnwmjez7h13v0y9o8hvj0zlcog53zb1s50mvtvq2y8fggheg4wpa2wug5reo1kqxqwlcgbktamx9h02qalglmorwzq0k5xdulcamv0jh9tj2mqexal42kd0ydyq36mmlnd8d7a6hre3awgm3nr5rehc4nlyfk8xxiu8kqsmrsshh590&eih=3ejs5f16cyyppu4x72gf9a8ltt8tw3h2mjf7q&dataset_code=2ATC&ocx_func_ir93made01xxhiqv1=1666031482 HTTP 302
    http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722 HTTP 302
    https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722&ckmguid=39f24326-7520-4bd5-9e44-ff6680df7c5c HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939480&aff_sub4=1666031482-101722&aff_sub5= HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request personal-loan
analyze.nw-click.com/
Redirect Chain
  • http://email.devotionaloftheday.com/c/eJxFkjmO3DAQRU_THQpctJBBBwMbcwLnDe6UxKVJURSl01uT2EBFhfcfUIWvXnAcR4BhT_BTvnqlOXnOLwQQggBOkGCIcAc1luMEAZvkiCChjx5IVWOZY2Au6mKVZGcnon_aF2A9FQpwQAFhXE1Each7oqhAHEs...
  • http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao2alz9mqmqenb3urukfzligxntcuoqh9antqrxu7jxq90g8lfaiqkc30eq8ux4f1qhvcotbtir3v742yc2kas8t8l7bxadnoa1nxnwmjez7h13v0y9o8hvj...
  • http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722
  • https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722&ckmguid=39f24326-7520-4bd5-9e44-ff6680df7c5c
  • http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939480&aff_sub4=1666031482-101722&aff_sub5=
  • https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId...
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38a90e4f4ecd3208b29b98998e078ab123edd00110f374519fcaac46e912ef77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 17 Oct 2022 19:55:14 GMT
etag
W/"1f90c52f97fe3d7ac015d760ff2f25c5"
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-id
YalKQLtJ_DUxWHtTPytWfOCpvJuft5acGViRVlKj8lbVNYp4Z7j80g==
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
588
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 17 Oct 2022 19:55:13 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102e6081e25a6bae13d89961056130
X-Request-Id
be85df25ba448bdec5b94b0845a1109f
X-Robots-Tag
noindex, nofollow
Gotham-Medium--critical.ee5c613487.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Medium--critical.ee5c613487.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
WGxNQy8mBtoftWr2HdFv7vIcvFCp7NaI
cf-cache-status
HIT
x-amz-request-id
MSNVCBFQ14QKGNWA
age
2254073
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ddTKAZTBb72eYqGalCHrDhsLkc0fPKqGwZI4cQcRbJw-1666036513-0-AQbV_h94ctzV3ejYt5DB0APuO5FJ9VqFLz7GmQNB2MbVRbkO1TNf-Wiw68akpXimjvR-9YiCEXyvp2IFMO96zRHCH2kxmawqGk30YLuhIOFu; report-to cf-csp-endpoint
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9436
x-amz-id-2
s2VRBYBvdf/KUOb2nJuu2AvYf5j9IQy/whpvXElVAi/rSNzRG1ZewIEhsnX05/rUGc243x5rG4k=
last-modified
Mon, 22 Mar 2021 20:57:27 GMT
server
cloudflare
etag
"ee5c6134876f0895658e48bb0bda8971"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ddTKAZTBb72eYqGalCHrDhsLkc0fPKqGwZI4cQcRbJw-1666036513-0-AQbV_h94ctzV3ejYt5DB0APuO5FJ9VqFLz7GmQNB2MbVRbkO1TNf-Wiw68akpXimjvR-9YiCEXyvp2IFMO96zRHCH2kxmawqGk30YLuhIOFu"}],"group":"cf-csp-endpoint","max_age":86400}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb9732df04995a-FRA
x-nerd
Edge
Gotham-Book--critical.fdbad282be.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Book--critical.fdbad282be.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
YqixNq.3i6.6M4vrHwt_2_NRU9maJc4k
cf-cache-status
HIT
x-amz-request-id
MSNNRN9Z8H9PA9J3
age
2254073
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9492
x-amz-id-2
GmTBbnxS3ppjOwrPS9fgEn3HIlsU7X4tgpVRz++jUfkdqAGGHfcmTZTc3DApmChvHU5/vl75bY8=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"fdbad282bee3da1c38146487b9c2f412"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb9732df0d995a-FRA
x-nerd
Edge
Gotham-Bold--critical.dcf83fb890.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Bold--critical.dcf83fb890.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
csXDMdMerAERSVKnyZV8Lz_tNycn6X8X
cf-cache-status
HIT
x-amz-request-id
J465QEEV8K25AVM5
age
2416913
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9112
x-amz-id-2
WtehQ5Tv2DKQLxjdYy/1EwOygQk9vqLGbkrjVJI/FxLkvF8TxFevvXFemr/+VfocqG9FHpeO5AM=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"dcf83fb8902adcc5fd75fdf6da548573"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb9732df0a995a-FRA
x-nerd
Edge
ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
www.nerdwallet.com/cdn/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
hxLS9BBjDUYsoPEtm4oIowkdM_ODkcgf
cf-cache-status
HIT
x-amz-request-id
2QXA88JK4GHYSCX0
age
7246969
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11012
x-amz-id-2
ojIbqiwc6jJymQqBIukQPVDfk+deNQzpNT5zcJfzaEUYUVLyBGsTxr/hSB7LybswWdTX5GvT18Y=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"2c31edcaf37bc7ca0ca1103d29b5f5f1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb9732df07995a-FRA
x-nerd
Edge
ChronicleDisplay-Roman--critical.835fdb1566.woff2
www.nerdwallet.com/cdn/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Roman--critical.835fdb1566.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
TByrbO0kqrqPKmq32uLn3LcxEk8692TL
cf-cache-status
HIT
x-amz-request-id
BE8CXGTBW8T2KBE1
age
4964965
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=PoSBX17m5xqZZavi61odR_EOVNwhQ8E8uJV8NDpMunw-1666036513-0-AXmFZXoTbTHou1Zgng7XeYIBB-_pZypwVMw5h58u1D86jB1bDRc2ff4R35LFeqauCY2hh7aet11_3TN-WipaaxqPyUJTcNZjHChOcjr7NQnB; report-to cf-csp-endpoint
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10240
x-amz-id-2
/CE67kgQVfrMXHnJLaxq3edYH/LjwVmBlpfWNh7dYNzFMFNhvUnYngbIiLHvbrMqT85Lqt7bGLo=
last-modified
Mon, 22 Mar 2021 20:57:28 GMT
server
cloudflare
etag
"835fdb1566f032e3c41742af1a1ebc3c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=PoSBX17m5xqZZavi61odR_EOVNwhQ8E8uJV8NDpMunw-1666036513-0-AXmFZXoTbTHou1Zgng7XeYIBB-_pZypwVMw5h58u1D86jB1bDRc2ff4R35LFeqauCY2hh7aet11_3TN-WipaaxqPyUJTcNZjHChOcjr7NQnB"}],"group":"cf-csp-endpoint","max_age":86400}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb9732df08995a-FRA
x-nerd
Edge
nerdwallet.fddd0e9f.css
analyze.nw-click.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.fddd0e9f.css
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5421dc0e3f4bff0e2f63bd5b0ef1de5eeefbca93253cebacca55a7847f95823f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1
x-amz-server-side-encryption
AES256
etag
W/"d698d768548a88516a778635bae28b7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
T-Xy2XFgFAi6kVxtjmG6OJRA1Gl7fTDu7cae3xTVtD-B1TnbqZbm7w==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Mon, 10 Oct 2022 14:42:35 GMT
server
cloudflare
etag
"63442f5b-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bb9732d9279a11-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
nerdwallet.b70d6938.js
analyze.nw-click.com/ 		4 MB
965 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.b70d6938.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b5c1ca37e9516661f3389aa8e7a0605d17c9102482a75398864017093ccf107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1
x-amz-server-side-encryption
AES256
etag
W/"d30970fb844b55ae95cf3bae9ea5081b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
G-WloSWa7BE5B77vMHAa2UpbW3pkEMx5GeCUHRU9Rh94Es17u8vzuw==
GenerateToken
leadid.onthebarrelhead.com/2.11.9/ 		36 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/GenerateToken?msn=1&pid=ba26668a-b481-4c80-8974-590e66b3f83d&_=816090226
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
46394703743ad9e36a77e1ec2f28f78d09723e0f79710ceaffdbfb6a56cc18a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
61
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Server
2600:9000:223d:fc00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
x-amz-version-id
to7EtxbNw4wTQ51GTUC55F9UIeZCxiGL
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"ba4b583161aee0d60d41a21495f9f7f2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
ozg7D-BVuxsfQJmW1RTHy_CjlubK1UUI_BhCs3pmjcHNu2G0NZozqw==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false
date
Mon, 17 Oct 2022 19:55:14 GMT
server
awselb/2.0
content-length
134
content-type
text/html
session
api.onthebarrelhead.com/api/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b643dcf5072485f64c50e00b37045c8a7f0455e249fed27b9742fb345d0640

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKUQvR8mcG9bYHz6P%2FeCTlOzDRf16p7AKy90NoM3ZIGObMTmGr0IPLoan1WKwsx5WRC2mZLK%2ByH%2F0GFSUBbFUDU%2BqIdyP61TH%2BduUrF%2B%2FSPmKzD%2BHKZjHq27Wdi1UnU%2FvEcRhhlY3s4kdFddb8eFiMv7Sad0"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
75bb97386d658fe3-FRA
session
api.onthebarrelhead.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75bb973689ec8fe3-FRA
date
Mon, 17 Oct 2022 19:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGNiGuGyAnYgwqRMaomSBVBnkvLwXXT5Q%2FIM6t39rTTIIeIv0WMmAzyd%2FSBwN0ZNENqPHSPH0AxQUXdNQHcEJFCbaXcf9LcdB0E1Sc66kbWUaMC8FW8SM5ERQxqMrLLWRfQ4KGVJaGgZXhlLNQfOqDjwX9F%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
9d603cbd-16ea-478c-b5ba-bb3f37b70dcc
https://analyze.nw-click.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://analyze.nw-click.com/9d603cbd-16ea-478c-b5ba-bb3f37b70dcc
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
25754
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame D342 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=81189091-1874-2770-4DD2-F030576CD53F&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-49.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
62051
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 17 Oct 2022 02:41:03 GMT
ETag
W/"63472048-dbb"
Last-Modified
Wed, 12 Oct 2022 20:15:04 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
9uWrRtoL8MO5vLaaLrYRTN9aokThY59OX-QemJTdTg9aHJq15KoppQ==
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Hit from cloudfront
SaveDom
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDom?msn=2&pid=ba26668a-b481-4c80-8974-590e66b3f83d&token=81189091-1874-2770-4DD2-F030576CD53F&_=816090227
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=3&pid=ba26668a-b481-4c80-8974-590e66b3f83d&token=81189091-1874-2770-4DD2-F030576CD53F&_=816090228
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
15
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 3F93 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=81189091-1874-2770-4DD2-F030576CD53F&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=81189091-1874-2770-4DD2-F030576CD53F&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.143.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-143-48.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Mon, 17 Oct 2022 19:55:15 GMT
etag
W/"632c7ff9-1049"
expires
Tue, 18 Oct 2022 19:55:15 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
gtm.js
www.googletagmanager.com/ 		198 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c734bdbf3126abd312825cc131e855c2a47b97f237c04b430e7473877f678e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69275
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 19:55:14 GMT
js
maps.googleapis.com/maps/api/ 		169 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
deaf4755d9da347b937b7b0ca90f0c5b811f380f4f9386b3ba081f73e5dec1e5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=24
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56573
x-xss-protection
0
expires
Mon, 17 Oct 2022 20:25:14 GMT
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
BRtN_oPdDm10r4sz3sLo_B0YkwVNQO9CpZzPgCRjwUvelYOmwRuoZQ==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
M2j_JDNuZ7yisS2Tb2egCzH01X8ut1eas6MOXc7DBZCiGdsdsfZjHg==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
GanvO74Qsq-0U_F1KIVRVteDJ1BKcB51JPh6DvM3jOSBgofgzE7tkg==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
TpIITLZ_cWfNvFCNJuoCVolWcTMtLtpEAPTLhkg_GLEMDtOXV7M8YA==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
ZWdCPwiXu1jhghR2EKrs8NUFo911kFHyTksUKbQSGR_n9cLuKENJkQ==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
1lR0pPl5OcB3Y2_RO07fDr6e02wQ8uTQZdbktylX7ZoCwjrzdDWpRg==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
iDan3ZuDyvQowNNCqm4Cl79waMm2cMtueNPf9wf2ahDgWOUIzIeK0w==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
h-u0ANxlLLhlO7RC2UKrYYuNnTojVkNu7Wrk77KbaV7uMJPnshIWZw==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
Tb9uymUW53Qy2sngwtik3XAnji2JZpJlIQVPb8ektp8tp9Ue3LG8Rw==
events
api.onthebarrelhead.com/api/v1/session/ 		150 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d51a485171dedb3566f661b32d8ab439d6c46c50547dce47f516dd9c5451a2

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIzM2Y5ZDEyYjNhZWM0NjgxOWY5MzM2NGJhNmMwMDNjZSIsImlhdCI6MTY2NjAzNjUxNCwiZXhwIjoxNjY2MTIyOTE0LCJ2IjoiMiIsInN1YiI6Njg5MTkzMzF9.65r96QlxL5dYlYb3rXaTLjjC0WTrch3GiJGY2XYjgFg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTy8yKCAcxacPu9YQFf0yZtXEE9we1GKCtIDs2UStwT0wYsCnXK8O%2BQa%2BlSJxT4HZyG%2FZx%2BtNH5umrv9MtvNC%2Fwx%2BcVGt6Lr7kOx9Eq%2FqQRSQPbBR0Y6D8%2F2w0lBJeuGDUxxHHRhG3JPJXrMl41qqpCieUiQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
75bb973b6b938fe3-FRA
content-length
150
query0
www.nerdwallet.com/api/ 		51 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/query0
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb9e9fef68b5e9d72ae30f7a82d7d8aba8034672cd49059ffd4d9ed64dcc24ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
X-Caller-Client-ID
analyze
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Client-Platform
web
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
server
cloudflare
etag
W/"33-s5cngptRtWdwa40P6GTKLptVFug"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
75bb973cbf405b86-FRA
x-nerd
Edge
events
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75bb973a79d48fe3-FRA
date
Mon, 17 Oct 2022 19:55:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbvf0N1JVf91knWo3x9%2BJvypP8lcMMI0LIImBtoRk1lc5zQ5UhzWECPMNvJIXvMLASdSzQrRkRZypo08dnMNigEjq53nyQjhHR7dMObtQE86%2ByvGtWcqlRXRwocnTBVsMHucYzZmbt3KqG8UH5OmUNsmsgHm"}],"group":"cf-nel","max_age":604800}
server
cloudflare
query0
www.nerdwallet.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/query0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-caller-client-id,x-client-platform
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-caller-client-id,x-client-platform
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75bb973a7808995a-FRA
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
date
Mon, 17 Oct 2022 19:55:15 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers, Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nerd
Edge
x-xss-protection
1; mode=block;
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=9ef8f209-158e-4ed4-9cb1-96099f2e9672&batch_time=1666036515073
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:fb83:38c3:54ee:f548 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 17 Oct 2022 19:55:14 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A53A0BEB1FCB4542B16858054D6D6A82 Ref B: FRA31EDGE0715 Ref C: 2022-10-17T19:55:15Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
hotjar-542041.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-542041.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
7e6c865ab64d2cd8c6bc7faf32005647387728a6510bd27d097131aa3beae88a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/528a80df8aad59bf3701a7574102ead2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
Hyeqymo2NHQFX0BdvGAQR9sA7CPonxiTJ2W8pGnMpC89DsnRqIyEQA==
events.js
analytics.tiktok.com/i18n/pixel/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ce6bc560b05dfbd3518479bfe62f74f38a38939bc9bac10033160a3b589a86ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
4f0f0458
date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=97
content-length
990
pragma
no-cache
server
nginx
x-tt-logid
20221017195515386C619FAF79F46CB58B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
97,184.86.102.17
x-tt-trace-host
01a18ba5dc8f88a1a3e821b675833cebdd743f285416567c856040141e3698155f29b6e70b0edc55b1bbfd84cb927fda56c66b728daf4569d56f33d4657e78363fc0f5089fb3aab0827faf71a96daaf03a
expires
Mon, 17 Oct 2022 19:55:15 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44959f51a1fbe850b7fc994b3057394b062cdd1f7ff6d5ed3ef9b6c56904af83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67942
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 19:55:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
kWdLqoIZrU/3rGC3z8q3tKRN8ackXB1xOmRYjwXF+qaQmDDhRwYY+vHxYIp1YdMJknzOSQu5q2X6eTcdGyDW9A==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
SaveDeviceId.js
leadid.onthebarrelhead.com/2.11.9/ Frame 3F93 		0
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDeviceId.js?lac=22813350-8774-3000-19AC-FC31C47988BB&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&methods=48&token=81189091-1874-2770-4DD2-F030576CD53F&uuid=d378dfc4e8d14f83a824e8d230f51248
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=81189091-1874-2770-4DD2-F030576CD53F&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 19:55:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
modules.db0fd5db80f832174879.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.db0fd5db80f832174879.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
10e59eebc56bdd8afae70a6ed3187b25317a7a8993374b539fa45b8277443274
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
40389
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66081
last-modified
Mon, 17 Oct 2022 08:41:52 GMT
etag
"5278d8852118d6fae8702063aa272573"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1W84-M_LCsVE45IkLfdgQNmbz67TwhepfLzWhHagsn27wT63cB3btw==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Lx59KhfPtm7Up9BNAbEz9qV1XEvqsDe7HkrvGP5fYvDWCW5GwA7SfTaOtOru4ckQYXvRmA4/MYEY+bbC3q2XfA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
145605262667436
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/145605262667436?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f2918a3837e166689fe62eae82565780f8e4e447790a9cf643e36f3817cf3d1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zauusJrD82k6wYYqb3UolZ8XjRsjWCiEIGxe2Q0xgDRyWpsErcvGfaDrhINE43OkKfzUgLN7VMZa8t39w5f1UQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5715165.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5715165.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 17 Oct 2022 19:55:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC6E5B5B01444C78B456C214D403A914 Ref B: FRA31EDGE0715 Ref C: 2022-10-17T19:55:15Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=e750c8d3-8130-4dc8-98da-0e7cc4d50b79&sid=9e3ee4104e5511ed897d0d427c9bb4d4&vid=9e3f04404e5511edb4ceb92c40559c4f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939480%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102e6081e25a6bae13d89961056130%26hoOfferId%3D99&r=&lt=2862&evt=pageLoad&sv=1&rn=59409
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 19:55:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 46C8352FF4CB44DD9D4D1D5758C93928 Ref B: FRA31EDGE0715 Ref C: 2022-10-17T19:55:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame FF45 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-29.fra60.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1160827
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-id
uDiY-JQN53E73noZzGVMfEs5XizD7uzGL2YoRv6AgUVYigZnTUPahg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
collect
region1.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X4363VV9ZN&gtm=2oeaa0&_p=1568666888&cid=1128694494.1666036515&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666036515&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939480%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102e6081e25a6bae13d89961056130%26hoOfferId%3D99&dt=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 19:55:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyze.nw-click.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=e06147bd-14e9-4300-8595-b1ff85bce3a8&batch_time=1666036515311
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:fb83:38c3:54ee:f548 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
main.Mi4wLjAuNTZfMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		336 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
4f0f06f6
date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202210111320017856E2A8DA4E6B2158AF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01c92c41b98df5c6d4b2df48227384b0ce747217b81816add7bebee464d71630c6ffbf8d7a694154114a7f6e7961b0e26a864e4f440f3bd01105d5524e80e3a9effa9511dc3fa3707e8b4493bf637a4f6b
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
96859
542041
vc.hotjar.io/sessions/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/542041?s=0.25&r=0.18034976068633246
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-19.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
2cIWwm3gZ2CVjMB-d3BM8hJ3vKsNZFNogOpSGh8SxUrqtFvS1gPIvw==
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=4&pid=ba26668a-b481-4c80-8974-590e66b3f83d&token=81189091-1874-2770-4DD2-F030576CD53F&_=816090229
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
692 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7bc72096.4f0f09d6
date
Mon, 17 Oct 2022 19:55:15 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
112,184.86.102.17
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=16, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221017195515C5F8DC89F5EA2D6E3F9F
x-cache-remote
TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.218.223.23
x-tt-trace-host
01a18ba5dc8f88a1a3e821b675833cebdd7d0a569f6ae116ee849cbb7569321d0643c535a7626a8e309d9c7db8192935aa9d97b43f2112cef4221672220dabfd8001567a95c2172a9b275a04de58693e7a1e98dec5a476d7553543e865a6dd5442
expires
Mon, 17 Oct 2022 19:55:15 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=PageView&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939480%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102e6081e25a6bae13d89961056130%26hoOfferId%3D99&rl=&if=false&ts=1666036515737&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666036515736.1343735140&it=1666036515238&coo=false&rqm=GET
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=4c3eed81-ca5c-460e-b997-fc5fc5e8389b&batch_time=1666036515865
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:fb83:38c3:54ee:f548 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
certs
api.trustedform.com/ Frame 2F8F 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
623f0bd0fa958088299554af62219394b9d0ebf20064784fd75f9b2544b0ae62

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
httpapi
api2.amplitude.com/2/ 		94 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.84.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-84-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
adf5bb45f442a6ff286794f7c6fbeaad016f80c73ac6e1a098ad5a5e6b6c48d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-634db324-3ec061b2463badf8450db9b6
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.84.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-84-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Mon, 17 Oct 2022 19:55:16 GMT
strict-transport-security
max-age=15768000
trustedform-1.8.29.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.29.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365139160.6642058168704532&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:fc00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
oPelQ0fGWdbo7iDIXPghW4XZAnyuy5Ov
content-encoding
gzip
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 19:54:51 GMT
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
26
etag
W/"05c5bc479b5cc70fc03787ab4e8d8dec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FMsIB7jA9JSspKWZU0t2ao1m-TzpJ2ag5cbcI8XEuifFBhUSAlXfEw==
snapshot
api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/ Frame 1276 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
bFxnGHqUlqJGq57Bc6TdwhF_StLsAXSBCSS3KOkCYZ-3umHggBOaKA==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
7L1yJF9aqDcMIXif939j1DZKkzSgepFojtwfmtwJQK2HGmem_CZWdw==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
1xWR6JDynpX3jS_dmVlHwnio8qMgevshy8MIAuK3YpycESMEaEv7XA==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
VU3iev58LS75b8Z3TwO2EpC5LC8exeoR1idrEfGohmpjy371iVKMtw==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
41G8gmq8l31Z74bEintsuvznb77FztNUGQEXMwk-q2ya92VQaLvT8Q==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
mgTsOgX97bRLjtvoByo6YN8e2EMqanywOhG1b8isRbfh9-KPzQs7Yw==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
xNVbZfEGqoJqGtBZQktd6zJMsa5DPgcuvdiAuy6XxCfLil0BxNVlOQ==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
bcZGbBGmFkSL7ALzI65oG6aeOoklcHjU_mr9Hd1R4XlUZSw6mlYugQ==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b800:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939480&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102e6081e25a6bae13d89961056130&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
tqQcn6h9VnsNrad0vNlVgWBlDQcHwMhMF8chAX9o_DOJNFcX05GnJQ==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Mon, 10 Oct 2022 14:42:35 GMT
server
cloudflare
etag
"63442f5b-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bb97446a259247-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprints
api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/ Frame 1276 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
0
bat.bing.com/action/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=e750c8d3-8130-4dc8-98da-0e7cc4d50b79&sid=9e3ee4104e5511ed897d0d427c9bb4d4&vid=9e3f04404e5511edb4ceb92c40559c4f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939480%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102e6081e25a6bae13d89961056130%26hoOfferId%3D99&r=&lt=2862&evt=pageLoad&sv=1&rn=59409
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 19:55:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2042301EFF59413E8356B843926E4FD4 Ref B: FRA31EDGE0715 Ref C: 2022-10-17T19:55:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
text/javascript
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=5&pid=ba26668a-b481-4c80-8974-590e66b3f83d&token=81189091-1874-2770-4DD2-F030576CD53F&_=816090230
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=6&pid=ba26668a-b481-4c80-8974-590e66b3f83d&token=81189091-1874-2770-4DD2-F030576CD53F&_=816090231
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:16 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=44fdde4f-4b6f-4116-991d-ec6b685f02e5&batch_time=1666036517067
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:fb83:38c3:54ee:f548 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=Microdata&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939480%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102e6081e25a6bae13d89961056130%26hoOfferId%3D99&rl=&if=false&ts=1666036517239&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NerdWallet%3A%20Make%20all%20the%20right%20money%20moves%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666036515736.1343735140&it=1666036515238&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 19:55:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=7&pid=ba26668a-b481-4c80-8974-590e66b3f83d&token=81189091-1874-2770-4DD2-F030576CD53F&_=816090232
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-159-171.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
8
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/ Frame 1276 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/2ec2853c5236095a8ea40ad05bf389ba506cba8a/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:18 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
common.js
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69614
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:37 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61951
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:37 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime object| LeadiDconfig object| LeadiD object| DD_RUM function| parcelRequire object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| analyticsConnectorInstances object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| ueto_bfbf6b59b9 object| uetq object| gaGlobal string| label string| id boolean| sensitiveData object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

26 Cookies

Domain/Path Name / Value
.speedtrkzone.com/ Name: som
Value: 1u8z+fWBTIzeKUFXhSWqQBoWnya5eWLfGiqmfcRiKZqKGjty1rmBeA==
.speedtrkzone.com/ Name: ti
Value: kR2gFptLk/5vWs6/mmTdJBoWnya5eWLfGiqmfcRiKZqKGjty1rmBeA==
.speedtrkzone.com/ Name: c31497
Value: 1u8z+fWBTIy3KJ2EB5vYbqg5KnWqC/CzXY6tSAKJ8poTH8HpcHUPmQ==
.www.nerdwallet.com/ Name: __cf_bm
Value: FQNhFne6fQ0OOf5t0S83yNBaQ99K_VGnqBNHSifN0rQ-1666036513-0-AWMliEwnhe/YV3txYoq5t1oV0qc/DkZq5OBo9tDwXAr4pozqO5qtjEzSPFS1bO1xt0JwaRYYoWoOwPpIJ7DXz7tv7qi3pUL4mSXxLwPHdiUh
.www.nerdwallet.com/ Name: __cfruid
Value: f2364b25253ab530c9363799d36ac1990295f942-1666036513
analyze.nw-click.com/ Name: leadid_token-22813350-8774-3000-19AC-FC31C47988BB-6A646C57-A079-2DAF-11AA-FA12E35CE4D2
Value: 81189091-1874-2770-4DD2-F030576CD53F
.nw-click.com/ Name: AMP_38544bdf07
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmUxMDdjOTRjLTdlODMtNDk3Zi05ZThjLTMxY2E3MDlmMDEzYiUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjY2MDM2NTE0OTQ1JTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY2NjAzNjUxNDg1MCUyQyUyMnVzZXJJZCUyMiUzQSUyMmRhMzg5Yjk2NjEyODQ3NjZhNTY5Mzk5MzdlOTdkMzU2JTIyJTdE
.nw-click.com/ Name: _gcl_au
Value: 1.1.211478237.1666036515
.deviceid.trueleadid.com/ Name: uuid
Value: d378dfc4e8d14f83a824e8d230f51248
.bing.com/ Name: MUID
Value: 1AB4DEA4576B62E00F4DCCE456C76382
.nw-click.com/ Name: _uetsid
Value: 9e3ee4104e5511ed897d0d427c9bb4d4
.nw-click.com/ Name: _uetvid
Value: 9e3f04404e5511edb4ceb92c40559c4f
.nw-click.com/ Name: _ga_X4363VV9ZN
Value: GS1.1.1666036515.1.0.1666036515.0.0.0
.nw-click.com/ Name: _ga
Value: GA1.1.1128694494.1666036515
.nw-click.com/ Name: _hjSessionUser_542041
Value: eyJpZCI6ImVkNTZkZTBiLTliMjEtNTBmNC05ZDM3LTAwNDNmZWI5ZjcxOSIsImNyZWF0ZWQiOjE2NjYwMzY1MTU0NjAsImV4aXN0aW5nIjpmYWxzZX0=
.nw-click.com/ Name: _hjFirstSeen
Value: 1
analyze.nw-click.com/ Name: _hjIncludedInSessionSample
Value: 0
.nw-click.com/ Name: _hjSession_542041
Value: eyJpZCI6ImNhZWMwZTUyLTNiYTYtNDRkNi1iYWZmLTE3NTFiZTQ0N2Q5MCIsImNyZWF0ZWQiOjE2NjYwMzY1MTU0NzQsImluU2FtcGxlIjpmYWxzZX0=
.nw-click.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.nw-click.com/ Name: _tt_enable_cookie
Value: 1
.nw-click.com/ Name: _ttp
Value: 98afa45a-fcf3-46da-8c2d-46d80f038ea9
.nw-click.com/ Name: _fbp
Value: fb.1.1666036515736.1343735140
www.nerdwallet.com/ Name: AWSALBTGCORS
Value: v0pMEji/Vk053T0JVYXICg0babER5DMPkqNWJS3jELCJ8kugwZB+mPH9AmuKy9qCjkmzrqQX+tnybcHpoanWmogIcdX+Y0MKOhwSSSA0BVBbJZ8GJzpbiUz5eYqygpZFQ41MaBsqKoRDu7mkMThfR5U9K8xCYQEjLQHgQiHQMlJF
www.nerdwallet.com/ Name: AWSALBCORS
Value: GqjdR5s9BzmFNKl+ajpsacUQ3DrVoDMYGN5iyPk/8sEmS4X9yCBQDChb4IVdAuci92B4NbmNgFIdadFkgYgVm18KU3P8rTVZ55/ehYiOHJ1TOdDB6MfASt+doSGr
.nw-click.com/ Name: AMP_MKTG_38544bdf07
Value: JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMkRBJTIyJTJDJTIydXRtX21lZGl1bSUyMiUzQSUyMmFmZmlsaWF0ZSUyMiUyQyUyMnV0bV9jYW1wYWlnbiUyMiUzQSUyMjQyNTc1JTIyJTdE
analyze.nw-click.com/ Name: _dd_s
Value: rum=1&id=480bb3bb-4e0c-405f-8f09-31cebd8192eb&created=1666036514187&expire=1666037414187

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analyze.nw-click.com
api.onthebarrelhead.com
api.trustedform.com
api2.amplitude.com
bat.bing.com
cdn.trustedform.com
connect.facebook.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
email.devotionaloftheday.com
leadid.onthebarrelhead.com
maps.googleapis.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
script.hotjar.com
speedtrkzone.com
static.hotjar.com
track.insight.devotionalcheckin.com
tracking.plpro.co
vars.hotjar.com
vc.hotjar.io
wkwkero.com
www.facebook.com
www.googletagmanager.com
www.nerdwallet.com
172.64.145.193
18.210.69.85
18.214.171.162
18.66.112.19
18.66.147.29
18.66.97.37
184.86.103.17
2001:4860:4802:34::36
2600:1f18:24e6:b900:fb83:38c3:54ee:f548
2600:9000:223d:b800:c:d509:13c0:93a1
2600:9000:223d:fc00:1c:7f1a:6680:93a1
2606:4700:20::ac43:4aaa
2620:1ec:c11::200
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.232.143.48
34.200.117.186
34.86.85.56
44.240.84.34
52.210.123.14
52.222.206.49
52.222.236.63
54.167.80.156
54.237.159.171
10e59eebc56bdd8afae70a6ed3187b25317a7a8993374b539fa45b8277443274
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc
28b643dcf5072485f64c50e00b37045c8a7f0455e249fed27b9742fb345d0640
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11
38a90e4f4ecd3208b29b98998e078ab123edd00110f374519fcaac46e912ef77
44959f51a1fbe850b7fc994b3057394b062cdd1f7ff6d5ed3ef9b6c56904af83
46394703743ad9e36a77e1ec2f28f78d09723e0f79710ceaffdbfb6a56cc18a0
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082
5421dc0e3f4bff0e2f63bd5b0ef1de5eeefbca93253cebacca55a7847f95823f
5f2918a3837e166689fe62eae82565780f8e4e447790a9cf643e36f3817cf3d1
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
623f0bd0fa958088299554af62219394b9d0ebf20064784fd75f9b2544b0ae62
7e6c865ab64d2cd8c6bc7faf32005647387728a6510bd27d097131aa3beae88a
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
9b5c1ca37e9516661f3389aa8e7a0605d17c9102482a75398864017093ccf107
adf5bb45f442a6ff286794f7c6fbeaad016f80c73ac6e1a098ad5a5e6b6c48d3
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65
c734bdbf3126abd312825cc131e855c2a47b97f237c04b430e7473877f678e90
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9e9fef68b5e9d72ae30f7a82d7d8aba8034672cd49059ffd4d9ed64dcc24ae
ce6bc560b05dfbd3518479bfe62f74f38a38939bc9bac10033160a3b589a86ce
d5d51a485171dedb3566f661b32d8ab439d6c46c50547dce47f516dd9c5451a2
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c
deaf4755d9da347b937b7b0ca90f0c5b811f380f4f9386b3ba081f73e5dec1e5
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629