nelnetbank.applyloan.app Open in urlscan Pro
52.84.174.125  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Login Show response nelnetbank.applyloan.app/Account/	24 KB 7 KB	1070ms 920ms	Document text/html	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash da393445f1e7e6e3ada9bf037dae6fc593606a305c57f861dcb064b7df57b783 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store content-encoding gzip content-type text/html; charset=utf-8 date Wed, 12 Jul 2023 15:16:49 GMT expires -1 feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 strict-transport-security max-age=31536000 vary Accept-Encoding via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-id n1Q08w1CNiD3ANMjXDMf2b_qlE-ruIdDQy1gCAzupP9vl858V0YjCg== x-amz-cf-pop CDG50-P1 x-aspnet-version 4.0.30319 x-cache Miss from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN SAMEORIGIN SAMEORIGIN x-permitted-cross-domain-policies none x-powered-by ASP.NET x-xss-protection 1; mode=block
GET H2	200	unifi nelnetbank.applyloan.app/Content/	67 KB 11 KB	519ms 517ms	Stylesheet text/css	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/Content/unifi?v=64O9O8IB9RZ3flMq8x9xtH6JzFjO_qzin9HNMwRFOqg1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5efc0285f61b1b9cb7bd9653e473083c251e6b3b349b89ff21bd7fb9a3ac5aab Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id pjd7dBnMZMfHzA_njSRMN0SAy5m29AsGv3PkdygrIESrmDnWUzTKfQ== expires -1
GET H2	200	unifi-theme.css nelnetbank.applyloan.app/Content/themes/nnb/	17 KB 4 KB	588ms 586ms	Stylesheet text/css	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/Content/themes/nnb/unifi-theme.css?v=638191543490804971 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 55b6ed1c45eb747400e721cba0978eff99432c03c30c565303d118a7af0a19eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 08 May 2023 19:52:29 GMT server Microsoft-IIS/10.0 etag W/"eb84cc9ee681d91:0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id dyRthNXe17BwIcbRlmQNLDEEabwC2MDGkAXW4zfc8_X0SB_t1B4uCg==
GET H2	200	jquery Show response nelnetbank.applyloan.app/bundles/	86 KB 32 KB	507ms 505ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id l7OFyPsGOvyiISXhrNQgFsvOg3r0QapS13WDJ_XLJMOhNIJFUkiwHQ== expires -1
GET H2	200	jquery-migrate Show response nelnetbank.applyloan.app/bundles/	9 KB 4 KB	512ms 511ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/jquery-migrate?v=TqwhJnE1nTBKubKx50CgprLGc1ynqe5oP5WihCR-PbA1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 80d5a208d9937952f656dfcb6f644caa28bc68f547bed2e36eb3e57e2f4f28f2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id OlIezrKGynufTwsJURas33VJjVdZ8V7hp9KaWEVdaEQvMKZOGLP6MA== expires -1
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 11 KB	56ms 29ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://nelnetbank.applyloan.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 15:16:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cdn-edgestorageid 1053 cdn-cachedat 11/15/2022 10:30:01 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"5869c96cc8f19086aee625d670d741f9" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid fd535f14adf419d1ffa361d43bb9f4e3 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7e5a3fe54b251951-FRA cdn-requestpullsuccess True
GET H2	200	jqueryval Show response nelnetbank.applyloan.app/bundles/	29 KB 10 KB	498ms 497ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/jqueryval?v=eiain9zaU1Q5VclQj-s-5TfQf_RuSKCBT8kCYMzJw-A1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a479bd32031d0023004c05baf6c19cc0770ce4562541fc9b533bc9a6c7136641 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id 5XVLT2CmBqu9EPPP3rWPAVrNkhiujKC2wlYaEy_Hr2b_WOUsZOcM8Q== expires -1
GET H2	200	scripts Show response nelnetbank.applyloan.app/bundles/	53 KB 17 KB	631ms 629ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/scripts?v=t5xlLMf29Hlk52E7_H_Y5zWBwyZWUHerSxLWhYx1gR01 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash da737a3be413a47c616f4d6c760a6c0c7b8e14181a92dae9f2469db9f055caf2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id ux4KxsCqyqAwQ9fnUywrG_XUtHadvlqga7adnhmG6f34wirr5eEEJA== expires -1
GET H2	200	customplugins Show response nelnetbank.applyloan.app/bundles/	56 KB 57 KB	500ms 498ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/customplugins?v=QQLi8qWtPnik94ILPdn-8PAGHKBjun7-df3yRejCVrI1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 85bd80a3940fb31eba21363e89928e5a3d0d258504fa5670eae1360966628b65 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 57336 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id RRa4qfdxFHEty12XcVv27yQuVJFR2qjf5UcSJFmc7ySCoWYfveK8jA== expires -1
GET H2	200	modalform Show response nelnetbank.applyloan.app/bundles/	1 KB 2 KB	538ms 537ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/modalform?v=ZqDxsWcvTYG4uVpUz47dRV_61m4XNiwXCIyTaS1U8UA1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash f15097336c7a6e63f262093c24c48fe433ff26541e10b811bff99200df8bdc16 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 1243 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id yWryyzuFKk0SqkS0kdk3tBRSjLuUokJqKVKmBO5DHHqoLyVOBs4kZA== expires -1
GET H2	200	polyfill Show response nelnetbank.applyloan.app/bundles/	93 KB 94 KB	537ms 536ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/polyfill?v=cMcse-8UfrOhV5ctiN_B0z8iDaz9U8JPzIchNwqItpI1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5c4d9fabd665c0758127ae568b28f7ae008e294f0595e728225721cc9bf344d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 95389 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id RxHPMEFBBA1jt8tx4ruB82w4r1p_Rom20_POA29qwUuqmZnVFbaKeg== expires -1
GET H2	200	vue Show response nelnetbank.applyloan.app/bundles/	91 KB 92 KB	611ms 610ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/vue?v=owzI97rxTN5Ve7qHTuAl7zbj3v-QigwNzSw9hb46tII1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8f70efc2f0027cf9b8824d75882278e4dafc8521fb6cbfa0e46180cc1c211f49 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:49 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 93016 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id NQiiOFy-qei_2LWkS5HQTAomtnZq5fN1UmunRKRAAES1UVea7Q1NeQ== expires -1
GET H2	200	js Show response www.googletagmanager.com/gtag/	162 KB 60 KB	76ms 39ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-180194408-1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 80d6dd878b5d08420f6869992a9f2a1688cb03940a25ca11dde549bb30825aef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 15:16:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60967 x-xss-protection 0 last-modified Wed, 12 Jul 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 12 Jul 2023 15:16:51 GMT
GET H2	200	logo.svg nelnetbank.applyloan.app/Content/themes/nnb/	4 KB 5 KB	147ms 146ms	Image image/svg+xml	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://nelnetbank.applyloan.app/Content/themes/nnb/logo.svg Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash f48eec4f0531be0d54b7f9c96f3037739cb545b096504bcd733f7c13225e48e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 4135 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 08 May 2023 19:52:29 GMT server Microsoft-IIS/10.0 etag "ba4ccb9ee681d91:0" x-frame-options SAMEORIGIN content-type image/svg+xml feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' accept-ranges bytes x-amz-cf-id _yh9TYPA6SaQlROOGVsSZnAz7L1yy_aOhumyomg6EXUO_htryEe7SA==
GET H2	200	login.js Show response nelnetbank.applyloan.app/Scripts/Shared/	3 KB 3 KB	149ms 149ms	Script application/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/Scripts/Shared/login.js?v=638191543495365252 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4725b85cc9838d22d1a556d217012e8634f2df125634fe7c6d747000fc7d7ee1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 2659 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 08 May 2023 19:52:29 GMT server Microsoft-IIS/10.0 etag "841a129fe681d91:0" x-frame-options SAMEORIGIN content-type application/javascript feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' accept-ranges bytes x-amz-cf-id DR20B89D4TicnW7RsvHaG-vlMg3mDXN7OQpf9UT1P6HLRYi-TzTCWg==
GET H2	200	platform Show response nelnetbank.applyloan.app/bundles/	14 KB 14 KB	141ms 141ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/platform?v=loI8QAe0lXzE-4kKQ7vENai14oy0L51dl-obt_9pKZI1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a6ddec31600eff9b39382da0a9769c129bdf7bf2642f5233c199ed25fc64afc1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 13943 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id Rd3Tdetss1J359KmGsb28jpmyQIh0ugPN-HqQaxI8iOIABCJwCKbfQ== expires -1
GET H2	200	icon fonts.googleapis.com/	569 B 775 B	48ms 18ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Content/themes/nnb/unifi-theme.css?v=638191543490804971 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 12 Jul 2023 15:16:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 12 Jul 2023 15:16:50 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	44ms 7ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 12 Jul 2023 14:35:19 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2492 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 12 Jul 2023 16:35:19 GMT
GET DATA	200 OK	truncated /	162 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1770d9a605ec64cae2813a2bb88f3175ec89079f600cc1414f5b6b8368506f3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml;charset=UTF-8
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	41ms 8ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/icon?family=Material+Icons Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nelnetbank.applyloan.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 05:24:38 GMT x-content-type-options nosniff age 35533 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jul 2024 05:24:38 GMT
GET H2	200	jqueryval Show response nelnetbank.applyloan.app/bundles/	29 KB 30 KB	172ms 172ms	Script text/javascript	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/bundles/jqueryval?v=eiain9zaU1Q5VclQj-s-5TfQf_RuSKCBT8kCYMzJw-A1 Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/Account/Login?mc=salesforceEMs000.lc_factsnewsletter_july_2023&code=NNBRFI014 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a479bd32031d0023004c05baf6c19cc0770ce4562541fc9b533bc9a6c7136641 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 30164 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id l7_HFTJ3osUWZHww4mY7NlkvPZ_eREdLqP2w67y_8kb3Y5NvteBTgQ== expires -1
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 227 B	17ms 17ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2070149109&t=pageview&_s=1&dl=https%3A%2F%2Fnelnetbank.applyloan.app%2FAccount%2FLogin%3Fmc%3DsalesforceEMs000.lc_factsnewsletter_july_2023%26code%3DNNBRFI014&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Private%20Loans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1178442251&gjid=164525929&cid=890694108.1689175011&tid=UA-92525257-1&_gid=884487618.1689175011&_r=1&_slc=1&z=1215132994 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 184ed48059ac8966894358c6b7450ee0966b5ab368e4eb1d7b0c7fd1489118e2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nelnetbank.applyloan.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 78 KB	43ms 42ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JR60MVQP8E&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d778ecabd72e2427593f64cc5bafee48f4440d1a527ccb27aae12c1e678e9e7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 15:16:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79717 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 12 Jul 2023 15:16:51 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	15ms 14ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2070149109&t=pageview&_s=1&dl=https%3A%2F%2Fnelnetbank.applyloan.app%2FAccount%2FLogin%3Fmc%3DsalesforceEMs000.lc_factsnewsletter_july_2023%26code%3DNNBRFI014&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Private%20Loans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1733024592&gjid=164639622&cid=890694108.1689175011&tid=UA-180194408-1&_gid=884487618.1689175011&_r=1&gtm=457e37a0&jsscut=1&z=95010007 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nelnetbank.applyloan.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 352 B	94ms 18ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-180194408-1&cid=890694108.1689175011&jid=1733024592&gjid=164639622&_gid=884487618.1689175011&_u=aEDAAUABAAAAACAAI~&z=995317675 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nelnetbank.applyloan.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	50ms 16ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-JR60MVQP8E&gtm=45je37a0&_p=2070149109&ul=en-us&sr=1600x1200&cid=890694108.1689175011&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fnelnetbank.applyloan.app%2FAccount%2FLogin%3Fmc%3DsalesforceEMs000.lc_factsnewsletter_july_2023%26code%3DNNBRFI014&dt=Log%20In%20-%20Private%20Loans&sid=1689175011&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JR60MVQP8E&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Wed, 12 Jul 2023 15:16:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nelnetbank.applyloan.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	ValidatePassword Show response nelnetbank.applyloan.app/Account/	707 B 1 KB	240ms 238ms	XHR text/html	52.84.174.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nelnetbank.applyloan.app/Account/ValidatePassword Requested by Host: nelnetbank.applyloan.app URL: https://nelnetbank.applyloan.app/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.174.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-125.cdg50.r.cloudfront.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d54dba74eceedb16356fa6ff778807a389b4f734c224128689280867877c4473 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept text/html, */*; q=0.01 Referer X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jul 2023 15:16:51 GMT x-content-type-options nosniff via 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-aspnet-version 4.0.30319 x-amz-cf-pop CDG50-P1 x-powered-by ASP.NET x-cache Miss from cloudfront content-length 707 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' x-amz-cf-id BTB4XLCGx598XH1HwpcoGYj9XcgFBR9K2VlCm4RAbwpsXc-MXecHVg== expires -1

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| togglePwd function| toggleNext function| cancelBackspace function| formatCurrency function| manageErrors function| SortByName function| getFilterArrayById function| showMessage function| hideMessage function| showError function| hideError function| bindOptionIdNameSorted function| CheckDenialReasonCount object| respond number| $hiddenOptions function| Autocomplete function| SchoolList function| LenderList function| SearchIndex function| Bloodhound function| bindForm function| submitWithAsyncReload object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Vue string| userId string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer boolean| firstEntry function| compareEmails object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| platform function| ValidatePassword function| debounce function| openTab number| windowHeight

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nelnetbank.applyloan.app/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: sqiuybv5tsxllsn50qnow0bt
			nelnetbank.applyloan.app/	1969-12-31 23:59:59	Name: LenderLoanProgramCode Value: NNBRFI014
			nelnetbank.applyloan.app/	1970-01-20 13:22:59	Name: mc Value: salesforceEMs000.lc_factsnewsletter_july_2023
			nelnetbank.applyloan.app/	1969-12-31 23:59:59	Name: Theme Value: /Content/themes/nnb/theme.css
			nelnetbank.applyloan.app/	1969-12-31 23:59:59	Name: LogoUrl Value: /Content/themes/nnb/logo.png
			nelnetbank.applyloan.app/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: K7o4q1QBA2GxQGZSn6Lm9eqsv4oFzcVpz6c5GXOlNslFdhNQN_tyZeCkTpZmu22QzK7oeSllLqF6CvRYndPoVmr7a0Mywzm0VkHxbO0J6qI1
			.applyloan.app/	1970-01-20 22:48:55	Name: _ga Value: GA1.2.890694108.1689175011
			.applyloan.app/	1970-01-20 13:14:21	Name: _gid Value: GA1.2.884487618.1689175011
			.applyloan.app/	1970-01-20 13:12:55	Name: _gat Value: 1
			.applyloan.app/	1970-01-20 13:12:55	Name: _gat_gtag_UA_180194408_1 Value: 1
			.applyloan.app/	1970-01-20 22:48:55	Name: _ga_JR60MVQP8E Value: GS1.2.1689175011.1.0.1689175011.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
nelnetbank.applyloan.app
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700::6812:acf
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:829::200a
2a00:1450:400c:c0c::9a
52.84.174.125
184ed48059ac8966894358c6b7450ee0966b5ab368e4eb1d7b0c7fd1489118e2
4725b85cc9838d22d1a556d217012e8634f2df125634fe7c6d747000fc7d7ee1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55b6ed1c45eb747400e721cba0978eff99432c03c30c565303d118a7af0a19eb
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5c4d9fabd665c0758127ae568b28f7ae008e294f0595e728225721cc9bf344d0
5efc0285f61b1b9cb7bd9653e473083c251e6b3b349b89ff21bd7fb9a3ac5aab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
80d5a208d9937952f656dfcb6f644caa28bc68f547bed2e36eb3e57e2f4f28f2
80d6dd878b5d08420f6869992a9f2a1688cb03940a25ca11dde549bb30825aef
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
85bd80a3940fb31eba21363e89928e5a3d0d258504fa5670eae1360966628b65
8f70efc2f0027cf9b8824d75882278e4dafc8521fb6cbfa0e46180cc1c211f49
a479bd32031d0023004c05baf6c19cc0770ce4562541fc9b533bc9a6c7136641
a6ddec31600eff9b39382da0a9769c129bdf7bf2642f5233c199ed25fc64afc1
b1770d9a605ec64cae2813a2bb88f3175ec89079f600cc1414f5b6b8368506f3
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889
d54dba74eceedb16356fa6ff778807a389b4f734c224128689280867877c4473
d778ecabd72e2427593f64cc5bafee48f4440d1a527ccb27aae12c1e678e9e7c
da393445f1e7e6e3ada9bf037dae6fc593606a305c57f861dcb064b7df57b783
da737a3be413a47c616f4d6c760a6c0c7b8e14181a92dae9f2469db9f055caf2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f15097336c7a6e63f262093c24c48fe433ff26541e10b811bff99200df8bdc16
f48eec4f0531be0d54b7f9c96f3037739cb545b096504bcd733f7c13225e48e3