urlscan.io logo urlscan.io
SecurityTrails logo

www.nelnetbank.psl.sparrowtest.com Open in urlscan Pro
13.32.99.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nelnetbank.psl.sparrowtest.com/
Effective URL: https://www.nelnetbank.psl.sparrowtest.com/
Submission: On November 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 3 countries across 20 domains to perform 64 HTTP transactions. The main IP is 13.32.99.25, located in United States and belongs to . The main domain is www.nelnetbank.psl.sparrowtest.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 14th 2024. Valid for: a year.
This is the only time www.nelnetbank.psl.sparrowtest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.173.205.127 ()
10 13.32.99.25 ()
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 35.201.112.186 396982 (GOOGLE-CL...)
1 216.58.212.132 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:33:1... 8075 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
1 34.238.149.65 14618 (AMAZON-AES)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 35.186.194.58 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.206 15169 (GOOGLE)
4 157.240.251.35 32934 (FACEBOOK)
1 216.69.100.142 ()
2 52.37.218.4 16509 (AMAZON-02)
2 13.32.121.79 16509 (AMAZON-02)
1 35.81.162.201 16509 (AMAZON-02)
1 13.224.189.18 ()
2 18.245.46.19 ()
3 52.71.50.88 ()
1 216.239.34.36 ()
64 27
1    18.173.205.127 (United States)

ASN- ()
PTR: server-18-173-205-127.fra56.r.cloudfront.net
nelnetbank.psl.sparrowtest.com
10    13.32.99.25 (United States)

ASN- ()
PTR: server-13-32-99-25.fra60.r.cloudfront.net
www.nelnetbank.psl.sparrowtest.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f4.1e100.net
www.google.com
6    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com
dx.mountain.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.google-analytics.com
4    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    216.69.100.142 (United States)

ASN- ()
www.nelnet.net
2    52.37.218.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
px.mountain.com
2    13.32.121.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-79.fra60.r.cloudfront.net
api.sparrowtest.com
1    35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
gs.mountain.com
1    13.224.189.18 (None, )

ASN- ()
widget.intercom.io
2    18.245.46.19 (None, )

ASN- ()
js.intercomcdn.com
3    52.71.50.88 (None, )

ASN- ()
api-iam.intercom.io
1    216.239.34.36 (None, )

ASN- ()
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
13 sparrowtest.com
nelnetbank.psl.sparrowtest.com
www.nelnetbank.psl.sparrowtest.com
api.sparrowtest.com
902 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 390
120 KB
6 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2630
rs.fullstory.com — Cisco Umbrella Rank: 2600
81 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 404
px4.ads.linkedin.com — Cisco Umbrella Rank: 6892
2 KB
4 intercom.io
widget.intercom.io
api-iam.intercom.io
9 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
423 B
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 5404
px.mountain.com — Cisco Umbrella Rank: 5644
gs.mountain.com — Cisco Umbrella Rank: 11087
8 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 4
region1.analytics.google.com — Cisco Umbrella Rank: 3604
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
22 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
360 KB
2 intercomcdn.com
js.intercomcdn.com
287 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
75 KB
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 397
15 KB
1 nelnet.net
www.nelnet.net — Cisco Umbrella Rank: 354958
1 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
568 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1142
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
1 KB
0 google.de Failed
www.google.de Failed
0 bing.net Failed
bat.bing.net Failed
0 evgnet.com Failed
cdn.evgnet.com Failed
64 20
Domain Requested by
10 www.nelnetbank.psl.sparrowtest.com www.nelnetbank.psl.sparrowtest.com
6 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
www.nelnetbank.psl.sparrowtest.com
4 www.facebook.com www.nelnetbank.psl.sparrowtest.com
4 px.ads.linkedin.com 1 redirects snap.licdn.com
3 api-iam.intercom.io js.intercomcdn.com
3 region1.analytics.google.com www.nelnetbank.psl.sparrowtest.com
3 rs.fullstory.com edge.fullstory.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.nelnetbank.psl.sparrowtest.com
3 edge.fullstory.com www.nelnetbank.psl.sparrowtest.com
edge.fullstory.com
3 www.googletagmanager.com www.nelnetbank.psl.sparrowtest.com
www.googletagmanager.com
www.google-analytics.com
2 js.intercomcdn.com widget.intercom.io
2 api.sparrowtest.com www.nelnetbank.psl.sparrowtest.com
2 px.mountain.com dx.mountain.com
px.mountain.com
2 connect.facebook.net www.nelnetbank.psl.sparrowtest.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
bat.bing.com
1 widget.intercom.io www.nelnetbank.psl.sparrowtest.com
1 gs.mountain.com px.mountain.com
1 www.nelnet.net www.nelnetbank.psl.sparrowtest.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 px4.ads.linkedin.com www.nelnetbank.psl.sparrowtest.com
1 dx.mountain.com www.nelnetbank.psl.sparrowtest.com
1 snap.licdn.com www.nelnetbank.psl.sparrowtest.com
1 www.google.com www.googletagmanager.com
1 fonts.googleapis.com www.nelnetbank.psl.sparrowtest.com
1 nelnetbank.psl.sparrowtest.com 1 redirects
0 www.google.de Failed www.nelnetbank.psl.sparrowtest.com
0 bat.bing.net Failed www.nelnetbank.psl.sparrowtest.com
0 cdn.evgnet.com Failed www.googletagmanager.com
64 28

This site contains links to these domains. Also see Links.

Domain
www.sparrowfi.com
onetrust.com
www.nelnetbank.com
Subject Issuer Validity Valid
www.nelnetbank.psl.sparrowtest.com
Amazon RSA 2048 M03		 2024-11-14 -
2025-12-14		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
edge.fullstory.com
WR3		 2024-10-20 -
2025-01-18		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cookielaw.org
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-23 -
2024-11-21		 3 months crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2024-05-23 -
2025-06-24		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
rs.fullstory.com
WR3		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.nelnet.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-06 -
2025-11-06		 a year crt.sh
api.sparrowtest.com
Amazon RSA 2048 M03		 2024-01-29 -
2025-02-26		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.nelnetbank.psl.sparrowtest.com/
Frame ID: 3BA4AF338A581F7CAE40B99EDAA9E234
Requests: 60 HTTP requests in this frame

Frame: data://truncated
Frame ID: 32B17FE8B3E51578F800AECFC3074A3B
Requests: 2 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 3D9AA03D86CE0A422FE78C1D5C0DC3D2
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.824d1611.js
Frame ID: F5822B0114B273B81D3E7707BB61A8F4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nelnet Bank

Page URL History Show full URLs

  1. https://nelnetbank.psl.sparrowtest.com/ HTTP 301
    https://www.nelnetbank.psl.sparrowtest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

64
Requests

92 %
HTTPS

33 %
IPv6

20
Domains

28
Subdomains

27
IPs

3
Countries

1898 kB
Transfer

6346 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nelnetbank.psl.sparrowtest.com/ HTTP 301
    https://www.nelnetbank.psl.sparrowtest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&e_ipv6=AQKybmnRyH69igAAAZMp8CNVuD7LZiGfk_R6UkxpMV09T205SjhGgKnAP2CKOWmX5g

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nelnetbank.psl.sparrowtest.com/
Redirect Chain
  • https://nelnetbank.psl.sparrowtest.com/
  • https://www.nelnetbank.psl.sparrowtest.com/
4 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
9177d0c7d4e0873b0e3be0fa576c2036f3e4c35fd9ab58d23c13cc9ddf333c0f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; script-src 'nonce-ALNQZJTSdb6GpVocoVd7ig==' 'strict-dynamic' 'self' widget.intercom.io *.intercomcdn.com cdnjs.cloudflare.com maps.googleapis.com *.fullstory.com https://*.googletagmanager.com bat.bing.com cdn.cookielaw.org connect.facebook.net snap.licdn.com cdn.evgnet.com/beacon/nelnetinc/nelnetbank/scripts/evergage.min.js www.google-analytics.com googleads.g.doubleclick.net *.sparrowtest.com 'sha256-XKl1DCtIkUBRvq1BiT9zIBS3ACWpsKjHNhFzq0JmE+c=' 'sha256-BibpoDGtLcqJmldHiTEJJaxae7rPNurFYXgWVCO4EVw=' 'sha256-Cp2zw0VJ1mIDeLf9E/9u2yfQ4K8yceNQMHk0BbUny8w=' 'sha256-PDHO0RDk4w5XlXMawrYw+4fVwJ5VvxjsZ0ocFGd3SzA=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-yxBn2Gp5NuqMNi7ReuwA3JbUbGjVKzk65Z2zsrps7Oc=' 'sha256-bvNubAaanvzctSH2Bj6ENjJoNk03JMpLZL4AeDGgepg=' 'sha256-F3Qj+IRGZEqGdWNLdiYQFEfi+pCkL2mRTY8vVLr+Q44='; style-src 'self' *.sparrowtest.com *.sparrowfi.com fonts.googleapis.com fonts.gstatic.com 'unsafe-inline'; font-src 'self' *.intercomcdn.com *.sparrowtest.com *.sparrowfi.com fonts.googleapis.com fonts.gstatic.com; connect-src 'self' *.intercomcdn.com *.intercom.io wss://*.intercom.io maps.googleapis.com cognito-idp.us-east-1.amazonaws.com o1192572.ingest.sentry.io *.sparrowtest.com *.sparrowfi.com *.fullstory.com cdn.cookielaw.org nelnetinc.us-7.evergage.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com *.linkedin.com stats.g.doubleclick.net; img-src 'self' *.intercomcdn.com static.intercomassets.com d3iunsqowh8khd.cloudfront.net d35hce9fx6cz15.cloudfront.net cdnjs.cloudflare.com bat.bing.com www.nelnet.net www.facebook.com *.linkedin.com www.google.com https://*.google-analytics.com https://*.googletagmanager.com data:; frame-src 'self' td.doubleclick.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
36000
content-length
4340
content-security-policy
block-all-mixed-content; default-src 'self'; script-src 'nonce-ALNQZJTSdb6GpVocoVd7ig==' 'strict-dynamic' 'self' widget.intercom.io *.intercomcdn.com cdnjs.cloudflare.com maps.googleapis.com *.fullstory.com https://*.googletagmanager.com bat.bing.com cdn.cookielaw.org connect.facebook.net snap.licdn.com cdn.evgnet.com/beacon/nelnetinc/nelnetbank/scripts/evergage.min.js www.google-analytics.com googleads.g.doubleclick.net *.sparrowtest.com 'sha256-XKl1DCtIkUBRvq1BiT9zIBS3ACWpsKjHNhFzq0JmE+c=' 'sha256-BibpoDGtLcqJmldHiTEJJaxae7rPNurFYXgWVCO4EVw=' 'sha256-Cp2zw0VJ1mIDeLf9E/9u2yfQ4K8yceNQMHk0BbUny8w=' 'sha256-PDHO0RDk4w5XlXMawrYw+4fVwJ5VvxjsZ0ocFGd3SzA=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-yxBn2Gp5NuqMNi7ReuwA3JbUbGjVKzk65Z2zsrps7Oc=' 'sha256-bvNubAaanvzctSH2Bj6ENjJoNk03JMpLZL4AeDGgepg=' 'sha256-F3Qj+IRGZEqGdWNLdiYQFEfi+pCkL2mRTY8vVLr+Q44='; style-src 'self' *.sparrowtest.com *.sparrowfi.com fonts.googleapis.com fonts.gstatic.com 'unsafe-inline'; font-src 'self' *.intercomcdn.com *.sparrowtest.com *.sparrowfi.com fonts.googleapis.com fonts.gstatic.com; connect-src 'self' *.intercomcdn.com *.intercom.io wss://*.intercom.io maps.googleapis.com cognito-idp.us-east-1.amazonaws.com o1192572.ingest.sentry.io *.sparrowtest.com *.sparrowfi.com *.fullstory.com cdn.cookielaw.org nelnetinc.us-7.evergage.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com *.linkedin.com stats.g.doubleclick.net; img-src 'self' *.intercomcdn.com static.intercomassets.com d3iunsqowh8khd.cloudfront.net d35hce9fx6cz15.cloudfront.net cdnjs.cloudflare.com bat.bing.com www.nelnet.net www.facebook.com *.linkedin.com www.google.com https://*.google-analytics.com https://*.googletagmanager.com data:; frame-src 'self' td.doubleclick.net
content-type
text/html
date
Thu, 14 Nov 2024 09:10:22 GMT
referrer-policy
strict-origin
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-id
_LZAamdaNs-He6uodk8-0kOapT9D5qSK-4vGwiaJtG3TVitXaUKeMw==
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

cache-control
36000
content-length
0
date
Thu, 14 Nov 2024 09:10:23 GMT
location
https://www.nelnetbank.psl.sparrowtest.com/
referrer-policy
strict-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-amz-cf-id
0pVOmDQldCItkYa28HnwuO6VS3BKOhvB7GLg9tsCtm71ImbiPUKcBw==
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mate&family=Oswald:wght@600;700&family=PT+Sans:wght@400;700&display=swap
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
729b4931457b15d335860cf1a2d9d3613e40f3c1deb0367c781d32303cdb3e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 09:10:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 09:10:23 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-OIaWobx7.js
www.nelnetbank.psl.sparrowtest.com/assets/ 		2 MB
609 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/index-OIaWobx7.js
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
113e511df2df84c9f6a9443f2a071f5fc935048eec8240f8fb31b44e488cd678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
etag
W/"4e070227e56a243b5ed9fee85392aba5"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
E4H8c4bp-DTCbqLeeMqFz12RYbeV1nOnzvf-SJsxTW9GSGda5dXI9g==
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
index-BYqIiPQ6.css
www.nelnetbank.psl.sparrowtest.com/assets/ 		156 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/index-BYqIiPQ6.css
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25a23f99d58e3cdecf7c148aa921a390b283666aeccc09e1fb7932ccdb219d92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
etag
W/"7347149350beb05291491b0da739fe35"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
A9ia7dKoZ6oxagXwiOoM8Jp9oOCdlI5wZPZbPKGEtGtnjbX76u15TQ==
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
text/css
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		421 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6eda923b1a339fe6f94494f5a879839095459c72069b1c40e197c5f8a6d88b43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 14 Nov 2024 09:10:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133637
x-xss-protection
0
server
Google Tag Manager
fs.js
edge.fullstory.com/s/ 		286 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c3a508b6f8a33e1f9f7e964c6f70e2c364bb836d69ad40912a873f4a30be96f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
br
x-goog-hash
crc32c=i5SFWQ==, md5=dchxFTsSf6lAYIskBmwaVA==
etag
"75c871153b127fa940608b24066c1a54"
age
3576
x-goog-stored-content-encoding
br
expires
Thu, 14 Nov 2024 09:10:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
79062
date
Thu, 14 Nov 2024 08:10:47 GMT
last-modified
Wed, 13 Nov 2024 17:23:07 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0ueiv45O9FmaeYlprOKfXmpEbz-XB71z2W9NtAHORwh83COZI4Rae_cXK16TOV0UGzl4jRZ5mrCg
cache-control
public, max-age=3600,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731518587389058
content-length
79062
server
UploadServer
web
edge.fullstory.com/s/settings/BB4ET/v1/ 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/BB4ET/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b8c093e6f421e3e70117b9b6bc33ed5b4cdfbd6cf1a1c8fdedbf38e6c441b9bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=2qnAMw==, md5=3nkp95ZLecTN9U69hQ3ajw==
etag
"de7929f7964b79c4cdf54ebd850dda8f"
age
444
x-goog-stored-content-encoding
gzip
expires
Thu, 14 Nov 2024 09:17:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1792
date
Thu, 14 Nov 2024 09:02:59 GMT
last-modified
Thu, 14 Nov 2024 09:00:39 GMT
content-type
application/json
x-guploader-uploadid
AHmUCY0rtN5MresIo3tYMEoM0j8Ie-_kORKx5y8_2Lu029krXFuV8ZBi0O3EeFMA61tIy-X2pw4dQMisNg
cache-control
public,max-age=900,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731563739846266
content-length
1792
server
UploadServer
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1299229141.1731575423&auid=1921151359.1731575423&npa=1&gtm=45He4bc0v833140375za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102077855&tft=1731575423341&tfd=929&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers
js
www.googletagmanager.com/gtag/ 		409 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E85CJLWCP7&l=dataLayer&cx=c&gtm=45He4bc0v833140375za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd0db9ac60e98a3ece4134929421b09c691553126a35f67d1a8dc2623c039b90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 09:10:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134114
x-xss-protection
0
server
Google Tag Manager
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-md5
Vo/d0f3ZefkwyML/PnJnjg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD03B52B60A337
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
19536
x-content-type-options
nosniff
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 07:31:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
8676ee84-f01e-0019-699f-35bfe2000000
cf-ray
8e25de3cbe07bbb9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
destination
www.googletagmanager.com/gtag/ 		283 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-541544738&l=dataLayer&cx=c&gtm=45He4bc0v833140375za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e03b3d69be32a0c3b375ed9aed3266bc0af5bdb6920efbe643989c40523a5571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Thu, 14 Nov 2024 09:10:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99822
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 35648EDA0A9A45939C8C4FED4EF0BAC9 Ref B: FRA31EDGE0821 Ref C: 2024-11-14T09:10:23Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 14 Nov 2024 09:10:22 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

cache-control
max-age=62330
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Thu, 14 Nov 2024 09:10:23 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
evergage.min.js
cdn.evgnet.com/beacon/nelnetinc/nelnetbank/scripts/ 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
age
1738
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 08:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
499aa82b-54fa-47f1-a6f3-e08d213f8337.json
cdn.cookielaw.org/consent/499aa82b-54fa-47f1-a6f3-e08d213f8337/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/499aa82b-54fa-47f1-a6f3-e08d213f8337/499aa82b-54fa-47f1-a6f3-e08d213f8337.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf210fd84fd02e9dd57208fdec607d5dbea51d3b7eee241ef042d359e51b9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-md5
1EorCQ8AS0h4XDu7bpKumw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC7A9CE49F587D
age
12662
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 15 Nov 2024 09:10:23 GMT
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/json
last-modified
Wed, 22 May 2024 20:22:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
05c836f3-b01e-0037-3b31-353f25000000
cf-ray
8e25de3dc815db06-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1518
x-ms-blob-type
BlockBlob
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1QhVCW84' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1QhVCW84' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4471, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
ftYctv8OVK10eluGhF7ss18UTmVSqRmw3EAiQEbc8Xsr6ICGsbMyEcaFSym8KoW93LLqmMl2ufujD1fgP2Pr2w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
spx
dx.mountain.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=37208&tdr=&plh=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&cb=57807076607012810term=value
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-149-65.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
629f8c93b993e19cc18e5381869402347b45e930d5e612aca3a2141baf2924cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

transfer-encoding
chunked
content-encoding
gzip
x-envoy-upstream-service-time
2
expires
Thu, 01 Jan 1970 00:00:00 GMT
be
spx-prod
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
server
istio-envoy
truncated
/ Frame 32B1 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 32B1 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
136025897.js
bat.bing.com/p/action/ 		363 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/136025897.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D44803005DD448A9B24BF50607A21E9 Ref B: FRA31EDGE0821 Ref C: 2024-11-14T09:10:23Z
x-cache
CONFIG_NOCACHE
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
attribution_trigger
px.ads.linkedin.com/ 		2 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000626dbd209c284d210e07cf6aa8e64
x-msedge-ref
Ref A: 6A9D5772D4794DE1BEB2A1D465E97854 Ref B: FRAEDGE1307 Ref C: 2024-11-14T09:10:23Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYm29IJwoTSEOB89qqOZA==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&e_ipv6=AQKybmnRyH69igAAAZMp8CNVuD7LZiGfk_R6UkxpMV09T205SjhGgKn...
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&e_ipv6=AQKybmnRyH69igAAAZMp8CNVuD7LZiGfk_R6UkxpMV09T205SjhGgKnAP2CKOWmX5g
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 99C9CCAC03E040A5990288FE5F0AE792 Ref B: FRAEDGE2011 Ref C: 2024-11-14T09:10:23Z
x-li-fabric
prod-lor1
x-li-uuid
AAYm29IN0eDm/tlyTmQGJw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2735348&time=1731575423680&url=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&e_ipv6=AQKybmnRyH69igAAAZMp8CNVuD7LZiGfk_R6UkxpMV09T205SjhGgKnAP2CKOWmX5g
x-msedge-ref
Ref A: C0E020236DFD43C0A127A4275884C7C3 Ref B: DUS30EDGE0320 Ref C: 2024-11-14T09:10:23Z
x-li-fabric
prod-lor1
x-li-uuid
AAYm29IJ6YbSca97n4k3Pg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 14 Nov 2024 09:10:23 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.9.0/ 		341 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7830da379aef49b3b3fbfc95e22edb88bc29a7dcaaee81f68a2d4ffdc42b48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-md5
56jOXvghU3RiFIKiZ2Zh+g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
23554
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=349017
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/javascript
last-modified
Fri, 20 Nov 2020 16:34:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
395cacfc-501e-00fa-1b66-255a6d000000
cf-ray
8e25de3e2f44bbb9-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
0
bat.bing.net/action/ 		0
0
collect
www.google-analytics.com/j/ 		15 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1602802692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&ul=de-de&de=UTF-8&dt=Nelnet%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAACAEC~&jid=1315622833&gjid=2056332502&cid=480913434.1731575424&tid=UA-180194408-1&_gid=1096749147.1731575424&_r=1&_slc=1&gtm=45He4bc0n815Z2DDNRv833140375za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102077855&npa=1&z=1433479692
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5cbf1455bbcabfd9a9a069e1d46f48f491347737ab6990f926d5cba7ac25850a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		0
0
5669557999823491
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/5669557999823491?v=2.9.176&r=stable&domain=www.nelnetbank.psl.sparrowtest.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
2cebfaa1a65eaf1ce0029bf83a194c77bee98eaf7c6fa48ae2a18e2ea87e9bc2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vkbwgs8e' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vkbwgs8e' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=71, mss=1232, tbw=70953, tp=68, tpl=0, uplat=159, ullat=0
pragma
public
x-fb-debug
xdkbJs32AukGfSRFMpum2NarOdWJ2C0Le58hg4fkZZmd3BILtRMGvi8kxlovlS5YAPBcVequoyDztHcvWL2xWw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
page
rs.fullstory.com/rec/ 		1 KB
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
00a06129f404e9ea7aa9dad782187d265b4d37f3025822cb4877a52b760bb846

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
654
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
application/json; charset=utf-8
en.json
cdn.cookielaw.org/consent/499aa82b-54fa-47f1-a6f3-e08d213f8337/f3a72441-cbec-484c-9e4d-b4b598b959f2/ 		83 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/499aa82b-54fa-47f1-a6f3-e08d213f8337/f3a72441-cbec-484c-9e4d-b4b598b959f2/en.json
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed8976f8267731abcd84353ce8d211fd7b654322572680e463e3a56712f0e50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-md5
rQYOn8HBZ7Xqi0CqCBAWzQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC7A9CE7FC2FF6
age
12662
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 15 Nov 2024 09:10:23 GMT
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
application/json
last-modified
Wed, 22 May 2024 20:22:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
58cbc9a3-301e-004b-4131-35a210000000
cf-ray
8e25de3f3af8db06-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18714
x-ms-blob-type
BlockBlob
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E85CJLWCP7&gtm=45je4bc0v9100074456z8833140375za200zb833140375&_p=1731575422998&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=480913434.1731575424&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731575423&sct=1&seg=0&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&dt=Nelnet%20Bank&en=page_view&_fv=1&_ss=1&tfd=1524
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
568 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E85CJLWCP7&cid=480913434.1731575424&gtm=45je4bc0v9100074456z8833140375za200zb833140375&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E85CJLWCP7&l=dataLayer&cx=c&gtm=45He4bc0v833140375za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:23 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		0
0
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1602802692&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&ul=de-de&de=UTF-8&dt=Nelnet%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=%25&el=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&_u=aGHACAABBAAAACAEC~&jid=&gjid=&cid=480913434.1731575424&tid=UA-180194408-1&_gid=1096749147.1731575424&gtm=45He4bc0n815Z2DDNRv833140375za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102077855&npa=1&z=570076617
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

age
25466
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 02:05:58 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
otFlat.json
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 		13 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-md5
nLr4hEi4fuLY/p0DQsLcMA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8D88D721792550E
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
12663
x-content-type-options
nosniff
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
application/json
last-modified
Fri, 20 Nov 2020 16:34:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
08180cb5-801e-00d1-3931-352ed5000000
cf-ray
8e25de401cd4db06-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3343
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-md5
ue/MTNcIjSCNWtleQfbrzg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8D88D7217E98574
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
12663
x-content-type-options
nosniff
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
application/json
last-modified
Fri, 20 Nov 2020 16:34:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
30d739d0-401e-00e5-6a31-35817d000000
cf-ray
8e25de401cd5db06-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14986
x-ms-blob-type
BlockBlob
server
cloudflare
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=5669557999823491&ev=PageView&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com&rl=&if=false&ts=1731575424063&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1731575424059.766420925244066247&pm=1&hrl=201b4c&ler=empty&cdl=API_unavailable&it=1731575423835&coo=false&cs_cc=1&cas=7085164444926293%2C6986335164826165&rqm=GET
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4474, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=5669557999823491&ev=PageView&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com&rl=&if=false&ts=1731575424063&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1731575424059.766420925244066247&pm=1&hrl=201b4c&ler=empty&cdl=API_unavailable&it=1731575423835&coo=false&cs_cc=1&cas=7085164444926293%2C6986335164826165&rqm=FGET
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437059817988203657"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
sw/jIke0mRZOUuIASAwignl7cOsCFaiZm6PmMYwfalVKD9yEzOI5QdY/eoFAuUefoNLBw6fTPKMDgnWbDbCaZA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437059817988203657", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4874, tp=12, tpl=0, uplat=133, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
icon-close-all-colors.svg
www.nelnet.net/marketingprod/email/images/ 		866 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nelnet.net/marketingprod/email/images/icon-close-all-colors.svg
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.69.100.142 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
e5bbda35e57164f61f8b55537e15923c87ee6dfecdfb7b1739c5e950ccd2ab85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex
ETag
"8084ecb94843d61:0"
Accept-Ranges
bytes
Content-Length
866
Date
Thu, 14 Nov 2024 09:10:23 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 15 Jun 2020 19:11:09 GMT
BasierCircle-Regular-kuEpW37U.woff2
www.nelnetbank.psl.sparrowtest.com/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/BasierCircle-Regular-kuEpW37U.woff2
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/assets/index-BYqIiPQ6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc27ad01d2f8eb11cfdb80ff708214db38c85a0e039f772a282a8757b0230193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"43deb08ceb3cdc04cb644394052e8b66"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
BRu6g3Hb0UuigAMWAYevRhWuSZNDtAmJfOtOoZ5kuyx9bbbjuBKqWA==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
binary/octet-stream
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17552
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
BasierCircle-Bold-BRwEG-Yr.woff2
www.nelnetbank.psl.sparrowtest.com/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/BasierCircle-Bold-BRwEG-Yr.woff2
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/assets/index-BYqIiPQ6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e05ff1a7ed11597c87b4df200fb58a0dac512021bd03a3b52ee41f64ce69846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"2104effc36d9963b5763a035b2b4d8c2"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
Sit4IXXPkjSPcHPTT2SSwA2KQ_AwFwnU2lZN7eDZWT78jVjN5G-zMA==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
binary/octet-stream
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17800
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
px.ads.linkedin.com/wa/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nelnetbank.psl.sparrowtest.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 07DDA9F433B743B88DF23B13C82A11DC Ref B: DUS30EDGE0320 Ref C: 2024-11-14T09:10:24Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYm29IRGWJLUUOUW8hAfA==
x-li-proto
http/2
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
x-cache
CONFIG_NOCACHE
date
Thu, 14 Nov 2024 09:10:24 GMT
vary
Origin
st
px.mountain.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&ga_client_id=480913434.1731575424&shpt=Nelnet%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1%22%2C%22ga_client_id%22%3A%22480913434.1731575424%22%2C%22shpt%22%3A%22Nelnet%20Bank%22%2C%22dcm_cid%22%3A%22480913434.1731575424%22%2C%22dcm_gid%22%3A%221096749147.1731575424%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=480913434.1731575424&dcm_gid=1096749147.1731575424&hardcoded_ga=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&dxver=4.0.0&shaid=37208&plh=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&cb=57807076607012810term%3Dvalue
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=37208&tdr=&plh=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&cb=57807076607012810term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
bc61aada2c084cbbddde33d55dea933f795bea85f626ad054de89380e4476750

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

transfer-encoding
chunked
content-encoding
gzip
x-envoy-upstream-service-time
1
connection
close
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
application/javascript;charset=utf-8
server
istio-envoy
schools
api.sparrowtest.com/campus-door/v2/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sparrowtest.com/campus-door/v2/users/schools?requestId=&lenderId=4784f8a2-3c86-462c-a5b8-511e0ec0578d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-79.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.nelnetbank.psl.sparrowtest.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
date
Thu, 14 Nov 2024 09:10:24 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id
BOq0MEFgIAMEgfA=
x-amz-cf-id
mp7n807S04-m-ZUodVGEUwhEavwbOGZKqncSrtyxuECdAjyfEG3Cdg==
x-amz-cf-pop
FRA60-P1
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-content-length
0
x-amzn-remapped-date
Thu, 14 Nov 2024 09:10:24 GMT
x-amzn-remapped-server
nginx/1.22.1
x-amzn-requestid
44f0ca14-2052-4ef4-ba37-3f2efe9af0ad
x-cache
Miss from cloudfront
/
px.ads.linkedin.com/wa/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nelnetbank.psl.sparrowtest.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4634919492D84AFDBE98B51E4B921820 Ref B: DUS30EDGE0320 Ref C: 2024-11-14T09:10:24Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYm29IWI+NNiyOgRnsP3w==
x-li-proto
http/2
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
x-cache
CONFIG_NOCACHE
date
Thu, 14 Nov 2024 09:10:24 GMT
vary
Origin
schools
api.sparrowtest.com/campus-door/v2/users/ 		60 KB
61 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sparrowtest.com/campus-door/v2/users/schools?requestId=&lenderId=4784f8a2-3c86-462c-a5b8-511e0ec0578d
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-79.fra60.r.cloudfront.net
Software
/
Resource Hash
eb17ff8a7e0c40b5fb4448e445c2a161abbd8c589de30a4188f7f869e38f3fd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

x-amzn-remapped-content-length
61472
ratelimit-remaining
99
ratelimit-policy
100;w=1
x-amzn-remapped-connection
keep-alive
etag
W/"f020-ume2tsWvvM/YZxhTgNpOP1q3hcU"
ratelimit-reset
1
x-amzn-requestid
d044d606-c5f4-4415-979c-48a51a5a686f
x-amzn-remapped-server
nginx/1.22.1
x-cache
Miss from cloudfront
x-amz-cf-id
gVw2RDKYir4IuNAeL8kYwqnZbRzFBTZR0RlAqzNJyrUdGup9LF7MtQ==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-amz-apigw-id
BOq0PGbkoAMEvqg=
x-amzn-remapped-date
Thu, 14 Nov 2024 09:10:25 GMT
access-control-allow-credentials
true
ratelimit-limit
100
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
content-length
61472
x-amz-cf-pop
FRA60-P1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=5669557999823491&ev=PageView&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com&rl=&if=false&ts=1731575424535&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12316&fbp=fb.1.1731575424059.766420925244066247&pm=1&hrl=d1f0d7&ler=empty&cdl=API_unavailable&it=1731575423835&coo=false&cs_cc=1&cas=7085164444926293%2C6986335164826165&rqm=GET
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/prequalification/school-landing-page
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=26, mss=1232, tbw=7786, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=5669557999823491&ev=PageView&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com&rl=&if=false&ts=1731575424535&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12316&fbp=fb.1.1731575424059.766420925244066247&pm=1&hrl=d1f0d7&ler=empty&cdl=API_unavailable&it=1731575423835&coo=false&cs_cc=1&cas=7085164444926293%2C6986335164826165&rqm=FGET
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/prequalification/school-landing-page
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437059818177723424"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 09:10:24 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
iYfJ/HNYqHIuLLFpzMevAOuv+vKp2CLu3m+6+76smPDF2JPKO+stVTpfSjC+N5qK0SSL2JSs0NMz4VWWZn4bMQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437059818177723424", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=26, mss=1232, tbw=8026, tp=21, tpl=0, uplat=104, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
logo-_0_dPQwB.png
www.nelnetbank.psl.sparrowtest.com/assets/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/logo-_0_dPQwB.png
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/prequalification/school-landing-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
422089279a8d45dacd36064f612cfb1215a1e5186686a3da70ac577807a21ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"717e09807be349740177a1b5465b5596"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
r_fgUmwEokzJLd1iGWQsA74pBwNpQHXAW7JzJ7pnHfrHqxfHsPjsug==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
105663
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/ 		1018 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fc817364277ef9c6b2de3747b0f9a06c5e91696eb304cd3b025f0ac5fc1b858

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		736 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3883e9c7bd01cd5c2f70a3a90f7efbdd848b72f099651ef2caff00257cceda63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea16d67ed8233e371bfa427a71e4576c39e87ed45123738b53b94c31b5f95779

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
BasierCircle-SemiBold-DG-qiOZi.woff2
www.nelnetbank.psl.sparrowtest.com/assets/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/BasierCircle-SemiBold-DG-qiOZi.woff2
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/assets/index-BYqIiPQ6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a4cc28baf83799e86168d5f90ea9a7544b593042e90e6b0ef2cb3ce15363d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"6cf2b070a29ee4540f10ffca7d8f0e57"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
hcICmIhDJOYZcLiC_rtmiHXpkIfW2RoYR4FkI_Fif8MXLJEo6mb5PA==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
binary/octet-stream
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
18304
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
BasierCircle-Medium-Bs0rI2ah.woff2
www.nelnetbank.psl.sparrowtest.com/assets/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/BasierCircle-Medium-Bs0rI2ah.woff2
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/assets/index-BYqIiPQ6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa9095d7835cec77935c57cf99e63942bcda1a59e487ae23523647d8f8c270e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"99ef4d64ac4301d9c452b74e81f235af"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
aQN5aNuBP4zHEBJuDi-HUv6ilLODXs_6QIN8rq0-KdAWd4Nnfgfsnw==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
binary/octet-stream
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
18256
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
icomoon-BXBee3-m.ttf
www.nelnetbank.psl.sparrowtest.com/assets/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/assets/icomoon-BXBee3-m.ttf?qubszx
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/assets/index-BYqIiPQ6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
561eacd7a78089616588e8c34af06cce4d7592f578f62d2db2ebb66596483051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"93e0dc57cf80c039510a4b929f8699ee"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
yyw67ng8BAsRcRh_78iQRKgC-TO0t_zZRyrdQrSmvDIwlQctY4i7pg==
date
Thu, 14 Nov 2024 09:10:25 GMT
content-type
binary/octet-stream
last-modified
Wed, 13 Nov 2024 20:08:11 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
19396
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
fs.js
edge.fullstory.com/s/ Frame 3D9A 		286 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c3a508b6f8a33e1f9f7e964c6f70e2c364bb836d69ad40912a873f4a30be96f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nelnetbank.psl.sparrowtest.com
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
br
x-goog-hash
crc32c=i5SFWQ==, md5=dchxFTsSf6lAYIskBmwaVA==
etag
"75c871153b127fa940608b24066c1a54"
age
3576
x-goog-stored-content-encoding
br
expires
Thu, 14 Nov 2024 09:10:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
79062
date
Thu, 14 Nov 2024 08:10:47 GMT
last-modified
Wed, 13 Nov 2024 17:23:07 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0ueiv45O9FmaeYlprOKfXmpEbz-XB71z2W9NtAHORwh83COZI4Rae_cXK16TOV0UGzl4jRZ5mrCg
cache-control
public, max-age=3600,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731518587389058
content-length
79062
server
UploadServer
gs
gs.mountain.com/ 		144 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gs.mountain.com/gs
Requested by
Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&ga_client_id=480913434.1731575424&shpt=Nelnet%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1%22%2C%22ga_client_id%22%3A%22480913434.1731575424%22%2C%22shpt%22%3A%22Nelnet%20Bank%22%2C%22dcm_cid%22%3A%22480913434.1731575424%22%2C%22dcm_gid%22%3A%221096749147.1731575424%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=480913434.1731575424&dcm_gid=1096749147.1731575424&hardcoded_ga=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&dxver=4.0.0&shaid=37208&plh=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&cb=57807076607012810term%3Dvalue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
cf7e5bced535bfe8cf715e025afcfe29ef93c70a73c054a1b62cb774f61733f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

cache-control
public, max-age=31536000
x-envoy-upstream-service-time
0
connection
close
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
x-application-context
application:prod:8080
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date
Thu, 14 Nov 2024 09:10:25 GMT
content-length
144
content-type
application/javascript;charset=utf-8
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
st
px.mountain.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&ga_client_id=480913434.1731575424&shpt=Nelnet%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1%22%2C%22ga_client_id%22%3A%22480913434.1731575424%22%2C%22shpt%22%3A%22Nelnet%20Bank%22%2C%22dcm_cid%22%3A%22480913434.1731575424%22%2C%22dcm_gid%22%3A%221096749147.1731575424%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=480913434.1731575424&dcm_gid=1096749147.1731575424&hardcoded_ga=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&dxver=4.0.0&shaid=37208&plh=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&cb=1731575425145197&shguid=923fadba-7771-3f8b-8de0-5bdac01eaf2f&shgts=1731575425880
Requested by
Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&ga_client_id=480913434.1731575424&shpt=Nelnet%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1%22%2C%22ga_client_id%22%3A%22480913434.1731575424%22%2C%22shpt%22%3A%22Nelnet%20Bank%22%2C%22dcm_cid%22%3A%22480913434.1731575424%22%2C%22dcm_gid%22%3A%221096749147.1731575424%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=480913434.1731575424&dcm_gid=1096749147.1731575424&hardcoded_ga=G-E85CJLWCP7%3BG-LEV6TNB7HC%3BUA-180194408-1&dxver=4.0.0&shaid=37208&plh=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&cb=57807076607012810term%3Dvalue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

transfer-encoding
chunked
content-encoding
gzip
x-envoy-upstream-service-time
22
connection
close
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date
Thu, 14 Nov 2024 09:10:26 GMT
content-type
application/javascript;charset=utf-8
server
istio-envoy
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E85CJLWCP7&gtm=45je4bc0v9100074456za200zb833140375&_p=1731575422998&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=480913434.1731575424&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1731575423&sct=1&seg=0&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&dt=Nelnet%20Bank&_s=2&tfd=4143
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:26 GMT
content-type
text/plain
server
Golfe2
favicon.ico
www.nelnetbank.psl.sparrowtest.com/ 		923 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.nelnetbank.psl.sparrowtest.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.25 , United States, ASN (),
Reverse DNS
server-13-32-99-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8442aba60307d45590ffff0bc7a330e3b50c856debf1149a1b178600457d419c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

etag
"cb014465c1b9f63fbc4a11c6ce1b8e5d"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
SWL_wTArniamGCdgSVbYd5MePxULYj3uzy3wLYKCcc_gF9x8qwludg==
date
Thu, 14 Nov 2024 09:10:27 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 13 Nov 2024 20:08:12 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
36000
referrer-policy
strict-origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
923
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=BB4ET&UserId=36575b46-69b8-4127-9152-e1edff2dc33a&SessionId=4fa43999-e620-455f-82e2-23cf3a589093&PageId=f3f03e97-0eb7-4a49-b047-111e41258f2c&Seq=1&ClientTime=1731575426965&CompiledVersion=0e8b110ed51dbda96d9e20c9428442057807890d&PageStart=1731575424192&PrevBundleTime=0&LastActivity=2048&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f08c51623f34701de977e1ae624f18fd2e1ae3685e757c1acfdd0fd259c6b3c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

via
1.1 google
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
date
Thu, 14 Nov 2024 09:10:27 GMT
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
ffi98qsi
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/ffi98qsi
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/assets/index-OIaWobx7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caec2cc5ff9c3e99b578e6e5370d89aa33918a98f5056ad55fb9281b20da35db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

content-encoding
gzip
x-amz-version-id
_PoQ7ln94lIv15A69vfM4FJl_Hbwlj5D
etag
"988554a71f0a5f183fcd73acdff8b922"
age
273
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
zIK8tfBuOSdUeyAPv6UCOc0ERbp-TrtkuJdQj67i-jgG-UbJRlPU2g==
date
Thu, 14 Nov 2024 09:05:59 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding, Origin
last-modified
Wed, 13 Nov 2024 15:05:45 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2668
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
frame-modern.824d1611.js
js.intercomcdn.com/ Frame F582 		471 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.824d1611.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ffi98qsi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0426e0e193805fea9bc375986cfc916bd60ef93c6ed703ede1254e10f624ae0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
sEpU.oDOorblxpV8ucsrbKXrgbFA1vqv
etag
"474ef199e895de84f79af0e4280939ed"
age
282
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
hY6AhukCBES_WqZbag36-rnMAzB73_EtuXPMt-4accOOAPDQYjC9Xg==
date
Thu, 14 Nov 2024 09:05:49 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 15:03:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 08144b62d8ba59c510ae7682981f36c0.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
144924
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.5c288613.js
js.intercomcdn.com/ Frame F582 		456 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.5c288613.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ffi98qsi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
rif4mvb1wbjWaQ9.1VyoBz4QJ8qlO8rb
etag
"cfcbe890471af67f5140f9f36766a673"
age
3568
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
AQS9CUnbuNk1aGlYS3oJIepXFPrtRYN0HlMZhxnEnH674k4HWDB8hw==
date
Thu, 14 Nov 2024 08:11:03 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 15:03:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 08144b62d8ba59c510ae7682981f36c0.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147369
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
launcher_settings
api-iam.intercom.io/messenger/web/ Frame F582 		240 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/launcher_settings
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.824d1611.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.71.50.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
18b99350b2bacac3eee8ea7487c71767edaffb49d7eba620af986fd149b1bd74
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
0001qd5ov2ftrdauq8eg
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"18b99350b2bacac3eee8ea7487c71767"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Thu, 14 Nov 2024 09:10:30 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.039246
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
x-xss-protection
1; mode=block
x-intercom-version
6f5d3b6ef728b766c38a9b4009c34a8f98be0b16
x-ami-version
ami-0d82ec08b45e6923b
server
nginx
ping
api-iam.intercom.io/messenger/web/ Frame F582 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.824d1611.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.71.50.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
3ffde0c51933693bb75c8179a5d773b816e94219c283d09ecd90831c521363b0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
0019h5g2mocieggvplf0
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"3ffde0c51933693bb75c8179a5d773b8"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Thu, 14 Nov 2024 09:10:30 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.170444
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
x-xss-protection
1; mode=block
x-intercom-version
6f5d3b6ef728b766c38a9b4009c34a8f98be0b16
x-ami-version
ami-0d82ec08b45e6923b
server
nginx
ping
api-iam.intercom.io/messenger/web/ Frame F582 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.824d1611.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.71.50.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
38a5c58fd15ccabc867a185632bff40d1e32ad1ec1ae7ceb9b46f3a17bac9986
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
001852e4t6l46bsd1hmg
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"38a5c58fd15ccabc867a185632bff40d"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Thu, 14 Nov 2024 09:10:31 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.130109
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
x-xss-protection
1; mode=block
x-intercom-version
6f5d3b6ef728b766c38a9b4009c34a8f98be0b16
x-ami-version
ami-0d82ec08b45e6923b
server
nginx
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E85CJLWCP7&gtm=45je4bc0v9100074456z8833140375za200zb833140375&_p=1731575422998&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=480913434.1731575424&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1731575423&sct=1&seg=1&dl=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2Fprequalification%2Fschool-landing-page&dr=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&dt=Nelnet%20Bank&_s=3&tfd=9145
Requested by
Host: www.nelnetbank.psl.sparrowtest.com
URL: https://www.nelnetbank.psl.sparrowtest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 09:10:31 GMT
content-type
text/plain
server
Golfe2
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=BB4ET&UserId=36575b46-69b8-4127-9152-e1edff2dc33a&SessionId=4fa43999-e620-455f-82e2-23cf3a589093&PageId=f3f03e97-0eb7-4a49-b047-111e41258f2c&Seq=2&ClientTime=1731575434454&CompiledVersion=0e8b110ed51dbda96d9e20c9428442057807890d&PageStart=1731575424192&PrevBundleTime=1731575427039&LastActivity=9544&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f7d36f22f36cada2729291363ca4ccd322f15d79c91546294a57ba42e2c09fc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.nelnetbank.psl.sparrowtest.com/

Response headers

via
1.1 google
access-control-allow-origin
https://www.nelnetbank.psl.sparrowtest.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
date
Thu, 14 Nov 2024 09:10:34 GMT
content-type
application/json; charset=utf-8
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.evgnet.com
URL
https://cdn.evgnet.com/beacon/nelnetinc/nelnetbank/scripts/evergage.min.js
Domain
bat.bing.net
URL
https://bat.bing.net/action/0?ti=136025897&tm=gtm002&Ver=2&mid=344bf1ca-8949-4856-8999-ed734a9eedac&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Nelnet%20Bank&p=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&r=&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=429470
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-LEV6TNB7HC&cx=c&_slc=1
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E85CJLWCP7&cid=480913434.1731575424&gtm=45je4bc0v9100074456z8833140375za200zb833140375&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=2003535650

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady string| _linkedin_partner_id object| _linkedin_data_partner_ids function| autotrack string| GoogleAnalyticsObject function| ga function| OptanonWrapper function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_90309856c0 object| uetq function| lintrk boolean| _already_called_lintrk object| OtTrustedType string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust string| dcm_cid object| ORIBILI string| __reactRouterVersion number| __mobxInstanceCount object| __mobxGlobals object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked object| __SENTRY__ function| Intercom object| intercomSettings object| irongate object| mntn

14 Cookies

Domain/Path Name / Value
.sparrowtest.com/ Name: _gcl_au
Value: 1.1.1921151359.1731575423
.nelnetbank.psl.sparrowtest.com/ Name: _ga
Value: GA1.4.480913434.1731575424
.nelnetbank.psl.sparrowtest.com/ Name: _gid
Value: GA1.4.1096749147.1731575424
.nelnetbank.psl.sparrowtest.com/ Name: _gat_UA-180194408-1
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&4d072e55-c6e1-4aa1-8e3d-fc6c1126aaff"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzE1NzU0MjM7MjswMjGRkkgXuZ8eg+nHG5MsQpJ7jHie3ZLgJluakIKaqb4Ksg==
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3227:u=1:x=1:i=1731575423:t=1731661823:v=2:sig=AQE9ExMpmMmGbGxzItT2t1eIjHxOM4MB"
.sparrowtest.com/ Name: _ga
Value: GA1.1.480913434.1731575424
.sparrowtest.com/ Name: _fbp
Value: fb.1.1731575424059.766420925244066247
.sparrowtest.com/ Name: fs_lua
Value: 1.1731575423855
.sparrowtest.com/ Name: fs_uid
Value: #BB4ET#36575b46-69b8-4127-9152-e1edff2dc33a:4fa43999-e620-455f-82e2-23cf3a589093:1731575423855::1#/1763111425
.mountain.com/ Name: guid
Value: 48ae3720-a268-11ef-a0c3-173f05c8509b
.px.mountain.com/ Name: tt
Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.sparrowtest.com/ Name: _ga_E85CJLWCP7
Value: GS1.1.1731575423.1.1.1731575426.57.0.0

28 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/
Message:
Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' td.doubleclick.net".
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security error URL: https://bat.bing.com/bat.js
Message:
Refused to connect to 'https://bat.bing.net/actionp/0?ti=136025897&tm=gtm002&Ver=2&mid=344bf1ca-8949-4856-8999-ed734a9eedac&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D' because it violates the following Content Security Policy directive: "connect-src 'self' *.intercomcdn.com *.intercom.io wss://*.intercom.io maps.googleapis.com cognito-idp.us-east-1.amazonaws.com o1192572.ingest.sentry.io *.sparrowtest.com *.sparrowfi.com *.fullstory.com cdn.cookielaw.org nelnetinc.us-7.evergage.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com *.linkedin.com stats.g.doubleclick.net".
security error URL: https://www.nelnetbank.psl.sparrowtest.com/
Message:
Refused to load the image 'https://bat.bing.net/action/0?ti=136025897&tm=gtm002&Ver=2&mid=344bf1ca-8949-4856-8999-ed734a9eedac&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Nelnet%20Bank&p=https%3A%2F%2Fwww.nelnetbank.psl.sparrowtest.com%2F&r=&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=429470' because it violates the following Content Security Policy directive: "img-src 'self' *.intercomcdn.com static.intercomassets.com d3iunsqowh8khd.cloudfront.net d35hce9fx6cz15.cloudfront.net cdnjs.cloudflare.com bat.bing.com www.nelnet.net www.facebook.com *.linkedin.com www.google.com https://*.google-analytics.com https://*.googletagmanager.com data:".
security error URL: https://www.nelnetbank.psl.sparrowtest.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E85CJLWCP7&cid=480913434.1731575424&gtm=45je4bc0v9100074456z8833140375za200zb833140375&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=2003535650' because it violates the following Content Security Policy directive: "img-src 'self' *.intercomcdn.com static.intercomassets.com d3iunsqowh8khd.cloudfront.net d35hce9fx6cz15.cloudfront.net cdnjs.cloudflare.com bat.bing.com www.nelnet.net www.facebook.com *.linkedin.com www.google.com https://*.google-analytics.com https://*.googletagmanager.com data:".
security error URL: https://www.nelnetbank.psl.sparrowtest.com/(Line 15)
Message:
Refused to connect to 'https://54.156.2.105/is' because it violates the following Content Security Policy directive: "connect-src 'self' *.intercomcdn.com *.intercom.io wss://*.intercom.io maps.googleapis.com cognito-idp.us-east-1.amazonaws.com o1192572.ingest.sentry.io *.sparrowtest.com *.sparrowfi.com *.fullstory.com cdn.cookielaw.org nelnetinc.us-7.evergage.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com *.linkedin.com stats.g.doubleclick.net".
javascript error URL: https://www.nelnetbank.psl.sparrowtest.com/(Line 15)
Message:
Refused to connect to 'https://54.156.2.105/is' because it violates the document's Content Security Policy.
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z2DDNR(Line 533)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security error URL: https://bat.bing.com/bat.js
Message:
Refused to connect to 'https://bat.bing.net/actionp/0?ti=136025897&tm=gtm002&Ver=2&mid=344bf1ca-8949-4856-8999-ed734a9eedac&bo=3&evt=pageHide&asc=D' because it violates the following Content Security Policy directive: "connect-src 'self' *.intercomcdn.com *.intercom.io wss://*.intercom.io maps.googleapis.com cognito-idp.us-east-1.amazonaws.com o1192572.ingest.sentry.io *.sparrowtest.com *.sparrowfi.com *.fullstory.com cdn.cookielaw.org nelnetinc.us-7.evergage.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com *.linkedin.com stats.g.doubleclick.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; script-src 'nonce-ALNQZJTSdb6GpVocoVd7ig==' 'strict-dynamic' 'self' widget.intercom.io *.intercomcdn.com cdnjs.cloudflare.com maps.googleapis.com *.fullstory.com https://*.googletagmanager.com bat.bing.com cdn.cookielaw.org connect.facebook.net snap.licdn.com cdn.evgnet.com/beacon/nelnetinc/nelnetbank/scripts/evergage.min.js www.google-analytics.com googleads.g.doubleclick.net *.sparrowtest.com 'sha256-XKl1DCtIkUBRvq1BiT9zIBS3ACWpsKjHNhFzq0JmE+c=' 'sha256-BibpoDGtLcqJmldHiTEJJaxae7rPNurFYXgWVCO4EVw=' 'sha256-Cp2zw0VJ1mIDeLf9E/9u2yfQ4K8yceNQMHk0BbUny8w=' 'sha256-PDHO0RDk4w5XlXMawrYw+4fVwJ5VvxjsZ0ocFGd3SzA=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-yxBn2Gp5NuqMNi7ReuwA3JbUbGjVKzk65Z2zsrps7Oc=' 'sha256-bvNubAaanvzctSH2Bj6ENjJoNk03JMpLZL4AeDGgepg=' 'sha256-F3Qj+IRGZEqGdWNLdiYQFEfi+pCkL2mRTY8vVLr+Q44='; style-src 'self' *.sparrowtest.com *.sparrowfi.com fonts.googleapis.com fonts.gstatic.com 'unsafe-inline'; font-src 'self' *.intercomcdn.com *.sparrowtest.com *.sparrowfi.com fonts.googleapis.com fonts.gstatic.com; connect-src 'self' *.intercomcdn.com *.intercom.io wss://*.intercom.io maps.googleapis.com cognito-idp.us-east-1.amazonaws.com o1192572.ingest.sentry.io *.sparrowtest.com *.sparrowfi.com *.fullstory.com cdn.cookielaw.org nelnetinc.us-7.evergage.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com *.linkedin.com stats.g.doubleclick.net; img-src 'self' *.intercomcdn.com static.intercomassets.com d3iunsqowh8khd.cloudfront.net d35hce9fx6cz15.cloudfront.net cdnjs.cloudflare.com bat.bing.com www.nelnet.net www.facebook.com *.linkedin.com www.google.com https://*.google-analytics.com https://*.googletagmanager.com data:; frame-src 'self' td.doubleclick.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.sparrowtest.com
bat.bing.com
bat.bing.net
cdn.cookielaw.org
cdn.evgnet.com
connect.facebook.net
dx.mountain.com
edge.fullstory.com
fonts.googleapis.com
gs.mountain.com
js.intercomcdn.com
nelnetbank.psl.sparrowtest.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.analytics.google.com
rs.fullstory.com
snap.licdn.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nelnet.net
www.nelnetbank.psl.sparrowtest.com
bat.bing.net
cdn.evgnet.com
www.google.de
www.googletagmanager.com
13.107.42.14
13.224.189.18
13.32.121.79
13.32.99.25
142.250.184.206
157.240.251.35
157.240.251.9
18.173.205.127
18.245.46.19
2001:4860:4802:34::36
216.239.34.36
216.58.212.132
216.69.100.142
2606:4700::6812:562a
2620:1ec:21::14
2620:1ec:33:1::10
2a00:1450:4001:829::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a02:26f0:3500:10::210:a99
34.238.149.65
35.186.194.58
35.201.112.186
35.81.162.201
52.37.218.4
52.71.50.88
00a06129f404e9ea7aa9dad782187d265b4d37f3025822cb4877a52b760bb846
0426e0e193805fea9bc375986cfc916bd60ef93c6ed703ede1254e10f624ae0a
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0a7830da379aef49b3b3fbfc95e22edb88bc29a7dcaaee81f68a2d4ffdc42b48
113e511df2df84c9f6a9443f2a071f5fc935048eec8240f8fb31b44e488cd678
18b99350b2bacac3eee8ea7487c71767edaffb49d7eba620af986fd149b1bd74
25a23f99d58e3cdecf7c148aa921a390b283666aeccc09e1fb7932ccdb219d92
2cebfaa1a65eaf1ce0029bf83a194c77bee98eaf7c6fa48ae2a18e2ea87e9bc2
2cf210fd84fd02e9dd57208fdec607d5dbea51d3b7eee241ef042d359e51b9c1
3883e9c7bd01cd5c2f70a3a90f7efbdd848b72f099651ef2caff00257cceda63
38a5c58fd15ccabc867a185632bff40d1e32ad1ec1ae7ceb9b46f3a17bac9986
3a4cc28baf83799e86168d5f90ea9a7544b593042e90e6b0ef2cb3ce15363d96
3ffde0c51933693bb75c8179a5d773b816e94219c283d09ecd90831c521363b0
422089279a8d45dacd36064f612cfb1215a1e5186686a3da70ac577807a21ee4
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fc817364277ef9c6b2de3747b0f9a06c5e91696eb304cd3b025f0ac5fc1b858
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
561eacd7a78089616588e8c34af06cce4d7592f578f62d2db2ebb66596483051
5cbf1455bbcabfd9a9a069e1d46f48f491347737ab6990f926d5cba7ac25850a
629f8c93b993e19cc18e5381869402347b45e930d5e612aca3a2141baf2924cd
6e05ff1a7ed11597c87b4df200fb58a0dac512021bd03a3b52ee41f64ce69846
6eda923b1a339fe6f94494f5a879839095459c72069b1c40e197c5f8a6d88b43
729b4931457b15d335860cf1a2d9d3613e40f3c1deb0367c781d32303cdb3e79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8442aba60307d45590ffff0bc7a330e3b50c856debf1149a1b178600457d419c
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
9177d0c7d4e0873b0e3be0fa576c2036f3e4c35fd9ab58d23c13cc9ddf333c0f
9c3a508b6f8a33e1f9f7e964c6f70e2c364bb836d69ad40912a873f4a30be96f
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
b8c093e6f421e3e70117b9b6bc33ed5b4cdfbd6cf1a1c8fdedbf38e6c441b9bc
bc27ad01d2f8eb11cfdb80ff708214db38c85a0e039f772a282a8757b0230193
bc61aada2c084cbbddde33d55dea933f795bea85f626ad054de89380e4476750
caec2cc5ff9c3e99b578e6e5370d89aa33918a98f5056ad55fb9281b20da35db
cd0db9ac60e98a3ece4134929421b09c691553126a35f67d1a8dc2623c039b90
cf7e5bced535bfe8cf715e025afcfe29ef93c70a73c054a1b62cb774f61733f4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03b3d69be32a0c3b375ed9aed3266bc0af5bdb6920efbe643989c40523a5571
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e5bbda35e57164f61f8b55537e15923c87ee6dfecdfb7b1739c5e950ccd2ab85
ea16d67ed8233e371bfa427a71e4576c39e87ed45123738b53b94c31b5f95779
eb17ff8a7e0c40b5fb4448e445c2a161abbd8c589de30a4188f7f869e38f3fd1
efa9095d7835cec77935c57cf99e63942bcda1a59e487ae23523647d8f8c270e
f08c51623f34701de977e1ae624f18fd2e1ae3685e757c1acfdd0fd259c6b3c8
f7d36f22f36cada2729291363ca4ccd322f15d79c91546294a57ba42e2c09fc1
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2
fed8976f8267731abcd84353ce8d211fd7b654322572680e463e3a56712f0e50