Submitted URL: http://www.nwecorp.com/
Effective URL: https://nwecorp.com/
Submission: On November 12 via manual from US — Scanned from DE

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 50 HTTP transactions. The main IP is 134.209.38.247, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is nwecorp.com.
TLS certificate: Issued by R11 on October 23rd 2024. Valid for: 3 months.
This is the only time nwecorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20 134.209.38.247 14061 (DIGITALOC...)
1 18.172.112.97 16509 (AMAZON-02)
3 172.67.39.148 13335 (CLOUDFLAR...)
4 142.250.185.168 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
6 18.234.10.85 14618 (AMAZON-AES)
5 142.250.185.227 15169 (GOOGLE)
1 172.217.16.196 15169 (GOOGLE)
2 142.250.185.110 15169 (GOOGLE)
2 157.240.253.1 32934 (FACEBOOK)
2 216.239.34.36 15169 (GOOGLE)
1 64.233.166.157 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
1 34.196.14.45 14618 (AMAZON-AES)
2 157.240.253.35 32934 (FACEBOOK)
50 16
Apex Domain
Subdomains
Transfer
20 nwecorp.com
www.nwecorp.com
nwecorp.com
300 KB
7 ladesk.com
nationwideequities.ladesk.com
5.ue1.vbus.apps.ladesk.com — Cisco Umbrella Rank: 128892
17 KB
5 gstatic.com
fonts.gstatic.com
76 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
361 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 4
region1.analytics.google.com — Cisco Umbrella Rank: 3604
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4978
28 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
78 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
22 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8378
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
542 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
1 KB
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 15362
43 KB
50 13
Domain Requested by
18 nwecorp.com nwecorp.com
6 nationwideequities.ladesk.com nwecorp.com
nationwideequities.ladesk.com
5 fonts.gstatic.com nwecorp.com
4 www.googletagmanager.com nwecorp.com
www.googletagmanager.com
3 static.addtoany.com nwecorp.com
static.addtoany.com
2 www.facebook.com nwecorp.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net nwecorp.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.nwecorp.com 2 redirects
1 5.ue1.vbus.apps.ladesk.com nationwideequities.ladesk.com
1 www.google.de nwecorp.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 fonts.googleapis.com nwecorp.com
1 www.clickcease.com nwecorp.com
50 16

This site contains links to these domains. Also see Links.

Domain
wholesale.nwecorp.com
www.branchpower.com
Subject Issuer Validity Valid
www.nwecorp.com
R11
2024-10-23 -
2025-01-21
3 months crt.sh
clickcease.com
Amazon RSA 2048 M03
2024-10-26 -
2025-11-24
a year crt.sh
static.addtoany.com
WE1
2024-11-03 -
2025-02-01
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.ladesk.com
R11
2024-10-04 -
2025-01-02
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
www.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-21 -
2024-11-19
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
www.google.de
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
5.ue1.vbus.apps.ladesk.com
R11
2024-10-23 -
2025-01-21
3 months crt.sh

This page contains 5 frames:

Primary Page: https://nwecorp.com/
Frame ID: F08EC4FC05F3E55B8B5CF12E8DEC6371
Requests: 47 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 04AF419438854DB02AB95B5DC714CAFB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnwecorp.com
Frame ID: 82836662FBBF2922390E350C368EC019
Requests: 1 HTTP requests in this frame

Frame: https://nationwideequities.ladesk.com/scripts/generateWidget.php?v=5.50.5.13&t=1731186846&cwid=r49hy5oo&cwrt=C&pt=Welcome%20-%20Nationwide%20Equities&ref=https%3A%2F%2Fnwecorp.com%2F
Frame ID: D79BA329ADEF4D715CB930AF9E5F1044
Requests: 1 HTTP requests in this frame

Frame: https://5.ue1.vbus.apps.ladesk.com/5_50_5_13/scripts/lib/bus.html?v=5.50.5.13
Frame ID: 948516ADF79CE0A8333574DE292F93DC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Welcome - Nationwide Equities

Page URL History Show full URLs

  1. http://www.nwecorp.com/ HTTP 307
    https://www.nwecorp.com/ HTTP 307
    http://www.nwecorp.com/ HTTP 301
    https://www.nwecorp.com/ HTTP 301
    https://nwecorp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

930 kB
Transfer

2429 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nwecorp.com/ HTTP 307
    https://www.nwecorp.com/ HTTP 307
    http://www.nwecorp.com/ HTTP 301
    https://www.nwecorp.com/ HTTP 301
    https://nwecorp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nwecorp.com/
Redirect Chain
  • http://www.nwecorp.com/
  • https://www.nwecorp.com/
  • http://www.nwecorp.com/
  • https://www.nwecorp.com/
  • https://nwecorp.com/
44 KB
12 KB
Document
General
Full URL
https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b411e0d531bd6c9c9a59285a3556b901bcc2cdb19f582cd27c9b30ca573cfeff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=3061, public
content-encoding
gzip
content-length
11560
content-type
text/html; charset=UTF-8
date
Tue, 12 Nov 2024 20:17:40 GMT
etag
"2d28-626bcc89ff255"
expires
Tue, 12 Nov 2024 21:08:41 GMT
last-modified
Tue, 12 Nov 2024 20:08:41 GMT
pragma
public
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding,Cookie

Redirect headers

cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Nov 2024 20:17:40 GMT
expires
Tue, 12 Nov 2024 21:17:40 GMT
location
https://nwecorp.com/
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
X-Forwarded-Proto,Accept-Encoding
x-redirect-by
WordPress
stat.js
www.clickcease.com/monitor/
142 KB
43 KB
Script
General
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
gzip
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
age
10
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Uykw0V8GO5Jn7pMVIKZSvLmZ55bHbN02sgn6dRKTffLiM4BK4EM1hw==
date
Tue, 12 Nov 2024 20:17:32 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
referrer-policy
no-referrer-when-downgrade
via
1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
autoptimize_single_8d9d541cc4c37ce152038f142628e199.css
nwecorp.com/wp-content/cache/autoptimize/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_8d9d541cc4c37ce152038f142628e199.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0dba6571cef550fa8620c6a696968379e3d179578db239f59cefbc74e9bee6fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"87c-62637f62d8793-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
911
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
autoptimize_single_0f909b68d93e874a2d7853fb4c93fe46.css
nwecorp.com/wp-content/cache/autoptimize/css/
2 KB
1014 B
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_0f909b68d93e874a2d7853fb4c93fe46.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
82e509e9ec9682de42d681a95932015008f7a9339b65da833b2437d4f472c7ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"73f-62637f62d8793-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
708
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
autoptimize_single_280bb7d354c82e47914e91d3ec1b282e.css
nwecorp.com/wp-content/cache/autoptimize/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_280bb7d354c82e47914e91d3ec1b282e.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1aae0859bd282984ed066c3bb1ede5426ced8209b36e0ec8f13f98d5ea92f8f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"1831-62637f62d9733-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
2489
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
pum-site-styles.css
nwecorp.com/wp-content/uploads/pum/
15 KB
3 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/uploads/pum/pum-site-styles.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ceb3cef0a5f894c7bf8bf167e867df717f5b6a569219b12d03e4365bcf623901

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
"3ae8-622f8ffd3b92b-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Wed, 12 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
3212
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
last-modified
Wed, 25 Sep 2024 22:18:19 GMT
server
nginx
vary
Accept-Encoding
autoptimize_single_5b460e4525e1460b60d26836678f38b7.css
nwecorp.com/wp-content/cache/autoptimize/css/
35 KB
6 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_5b460e4525e1460b60d26836678f38b7.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
964601541a76922c4aaf65d9571dd64ca070fd6ddf909442fbbe204eda6bb5af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"8ad6-62637f62db673-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
5330
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
autoptimize_single_c2ec01871cd61faff1114b6e54f379db.css
nwecorp.com/wp-content/cache/autoptimize/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_c2ec01871cd61faff1114b6e54f379db.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
43a35f2989e50e04cca73ad26e12e6226c628b09c14a4614bdf40122ff6a6b55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"d58-62637f62dc613-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
1265
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
autoptimize_single_d842b6773b4c7956cb1ea51d3139d31c.css
nwecorp.com/wp-content/cache/autoptimize/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_d842b6773b4c7956cb1ea51d3139d31c.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9820efbd16ef470fb8b301db4d4bc16896e548cde33bc0681bc41a72579e16c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"1517-62637f62dc613-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
1555
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
nwecorp.com/wp-content/cache/autoptimize/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4fd55b67dfa8c74950a1f5ae219f97391ba2e8cb481f704750040fb8f80ab335

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"35d6-62637f62dd5b3-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
2919
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
autoptimize_single_f9ef19b8c81feae24fe5970bfadc34bb.css
nwecorp.com/wp-content/cache/autoptimize/css/
54 KB
4 KB
Stylesheet
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_f9ef19b8c81feae24fe5970bfadc34bb.css
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
61f8c72add16b26504130f7bac616d5d0eca91946748273a95259ca2f8cc12e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=30672000, public, immutable, public
content-encoding
gzip
etag
"d7f6-62637f62e1433-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Sun, 02 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
3830
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7980d9a797beb21fbeb086d8f294ad7b"
age
725
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9wNMng8XolOsS5Fr2i6EY8ohtJyF4AxiipGCfs4NPJmZj8O221PWDU6F%2F2pny10Ukz%2Bgdq8%2F2P85i3R%2BKE4YGCmXwukFIrrm3zlYu3ztZbIRFz%2BMwR6o4%2FhuL7VdWHpj%2FhexNC7S6AA2UVc1FFQNbj7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1934fd39a6915c-FRA
access-control-allow-origin
*
server
cloudflare
jquery.min.js
nwecorp.com/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://nwecorp.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
"15601-609974e1cf3bb-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Wed, 12 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
30368
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
application/x-javascript
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Tue, 07 Nov 2023 22:15:15 GMT
js
www.googletagmanager.com/gtag/
402 KB
130 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-W6BZBTG
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e6ff150f56952d37c56bf0d2bd370ef01fa07d1000656ef9030b2566f7a7ac62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 12 Nov 2024 20:17:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132990
x-xss-protection
0
server
Google Tag Manager
Nationwide-Equities-w-NMLS2.png
nwecorp.com/wp-content/uploads/2024/04/
56 KB
56 KB
Image
General
Full URL
https://nwecorp.com/wp-content/uploads/2024/04/Nationwide-Equities-w-NMLS2.png
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0ff89e5acb09e7e41cdbbac921d6e5fc533938009a3f886705190b166c044a1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
private, max-age=2592000
referrer-policy
no-referrer-when-downgrade
expires
Thu, 12 Dec 2024 20:17:41 GMT
date
Tue, 12 Nov 2024 20:17:41 GMT
x-webp-convert-log
Serving converted file
content-type
image/webp
vary
Accept,X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 10 Apr 2024 20:48:01 GMT
CO-OP-RM-AD-469X391-px-1.png
nwecorp.com/wp-content/uploads/2023/01/
45 KB
45 KB
Image
General
Full URL
https://nwecorp.com/wp-content/uploads/2023/01/CO-OP-RM-AD-469X391-px-1.png
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a62078429f202690e9572de95c242df21b3e27ab8f72ec73cf6454afe830f170

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
private, max-age=2592000
referrer-policy
no-referrer-when-downgrade
expires
Thu, 12 Dec 2024 20:17:41 GMT
date
Tue, 12 Nov 2024 20:17:41 GMT
x-webp-convert-log
Serving converted file
content-type
image/webp
vary
Accept,X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Tue, 03 Jan 2023 19:09:16 GMT
lazysizes.min.js
nwecorp.com/wp-content/plugins/autoptimize/classes/external/js/
10 KB
4 KB
Script
General
Full URL
https://nwecorp.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
"2655-61e1852382a07-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Wed, 12 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
4122
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
application/x-javascript
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Thu, 25 Jul 2024 20:34:27 GMT
autoptimize_92e02f51ce93fbe59ce729b569dd94fa.js
nwecorp.com/wp-content/cache/autoptimize/js/
172 KB
45 KB
Script
General
Full URL
https://nwecorp.com/wp-content/cache/autoptimize/js/autoptimize_92e02f51ce93fbe59ce729b569dd94fa.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
86d4e3bb895e6aa3fcdf65667e60638e894f0aa5089ed8e42fed4becba550b53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
max-age=31536000, public, immutable, public
content-encoding
gzip
etag
"2af4a-62637f62d6853-gzip"
pragma
public
referrer-policy
no-referrer-when-downgrade
expires
Wed, 12 Nov 2025 20:17:41 GMT
accept-ranges
bytes
content-length
46128
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
application/x-javascript
vary
X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Wed, 06 Nov 2024 05:40:55 GMT
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/wp-content/uploads/pum/pum-site-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
1c445d2ae619f3e88627f553bd2f0e8ed5c4470d0b94624aab47c529a16cc010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/wp-content/uploads/pum/pum-site-styles.css

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 20:17:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 12 Nov 2024 19:01:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/
284 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJ6CTLP
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8dd51c7671ef84eedd36d7167fb0887eeac2c23c4396a087cf4f8c08334dc0d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 12 Nov 2024 20:17:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 12 Nov 2024 18:38:54 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102698
x-xss-protection
0
server
Google Tag Manager
track.js
nationwideequities.ladesk.com/scripts/
49 KB
13 KB
Script
General
Full URL
https://nationwideequities.ladesk.com/scripts/track.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
59eda655b2af9936e87548893472328efa781a853b01f4aa8aa2352ec330f05e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=300, public
content-encoding
gzip
etag
W/"c577-6259959423880"
age
37
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
16234785 17641831
content-length
13153
date
Tue, 12 Nov 2024 20:17:04 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 08:26:58 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.13
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nwecorp.com
Referer
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css

Response headers

age
40406
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 09:04:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 09:04:16 GMT
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7776
x-xss-protection
0
server
sffe
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nwecorp.com
Referer
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css

Response headers

age
42715
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 08:25:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 08:25:47 GMT
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45416
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nwecorp.com
Referer
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css

Response headers

age
40407
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 09:04:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 09:04:15 GMT
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7832
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nwecorp.com
Referer
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css

Response headers

age
141
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 20:15:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:15:21 GMT
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7900
x-xss-protection
0
server
sffe
Mask-Group96.jpg
nwecorp.com/wp-content/uploads/2021/12/
67 KB
68 KB
Image
General
Full URL
https://nwecorp.com/wp-content/uploads/2021/12/Mask-Group96.jpg
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7a812b69ffc360efe0433e70801e2896424d2f102195a805a7cd198637a98f17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
private, max-age=2592000
referrer-policy
no-referrer-when-downgrade
expires
Thu, 12 Dec 2024 20:17:41 GMT
date
Tue, 12 Nov 2024 20:17:41 GMT
x-webp-convert-log
Serving converted file
content-type
image/webp
vary
Accept,X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Tue, 28 Dec 2021 18:27:58 GMT
sm.25.html
static.addtoany.com/menu/ Frame 04AF
0
0
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nwecorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
2244
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8e193500dec7dbab-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 20:17:42 GMT
last-modified
Tue, 12 Nov 2024 19:40:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLPRPnZmELgHe%2FuatHick%2FhMUvTstCaFQPn6HHLRS2B2ei9wEyqdH3RLrEGvKMeL%2FG2CG%2BvxAYWNuOg804ofM2dbeogcnIhkV7KVwiSxzNypprm52NlegSLpXSPfid4%2FjTDUSQ99"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.m4v434v2.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.m4v434v2.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nwecorp.com
Referer
https://nwecorp.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a4f330a2c6b3bd08f77e32260990108f"
age
17030
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11SfN5jUKq0IJQ4wHWFgtBkpWvuRWmpBuxWFTt5KEMpph6%2BjIjl6rzk2kwWtu53pFlfRtvjpboR9T6zElexRS%2BHGMJw0Dm%2BFf6e3HwihuSaSleh334dKj03gTxOnndqXWTHlNiIj"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1935013aa8d262-FRA
access-control-allow-origin
*
server
cloudflare
Menu-dropdown-1.png
nwecorp.com/wp-content/uploads/2021/11/
14 KB
14 KB
Image
General
Full URL
https://nwecorp.com/wp-content/uploads/2021/11/Menu-dropdown-1.png
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b0ed95185fec7963ac89c9e2c98f8a9e6c0808052088fef9440586d6ea90fedd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
private, max-age=2592000
referrer-policy
no-referrer-when-downgrade
expires
Thu, 12 Dec 2024 20:17:42 GMT
date
Tue, 12 Nov 2024 20:17:42 GMT
x-webp-convert-log
Serving converted file
content-type
image/webp
vary
Accept,X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Tue, 28 Dec 2021 17:57:02 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nwecorp.com
Referer
https://nwecorp.com/wp-content/cache/autoptimize/css/autoptimize_single_04ac1c8630c503a10b29812f26f29f7d.css

Response headers

age
534924
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:42:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:42:18 GMT
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7988
x-xss-protection
0
server
sffe
button.php
nationwideequities.ladesk.com/scripts/
3 KB
1 KB
Script
General
Full URL
https://nationwideequities.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=r49hy5oo&p=__S__nwecorp.com%2F
Requested by
Host: nationwideequities.ladesk.com
URL: https://nationwideequities.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
4510df0a5f2321275e4160d058fa3735f42ff9c5fcfd4876b5403b64def3f7c6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=15, public
content-encoding
gzip
pragma
age
0
x-content-type-options
nosniff, nosniff
via
1.1 varnish (prod-ue1)
expires
Tue, 12 Nov 2024 20:17:57 GMT
accept-ranges
bytes
x-varnish
12444955
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:17:42 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.13
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fnwecorp.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1648992381.1731442662&auid=2091317855.1731442662&npa=1&gtm=45He4b70v865888577za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077854&tft=1731442662375&tfd=6084&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6CTLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6CTLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
gzip
age
2854
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 21:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 19:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/
239 KB
63 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-est0aT1H' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-est0aT1H' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1348, tbw=2912, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
/hEW7kQbSVCBHKweb/brI8LxKLFSfV/wcFMXtta2mKw7T2AsMP0zOM6dN2wMvPYRetcuTwAZKp66sA+jDZ3gfQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/
402 KB
130 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-W6BZBTG&l=dataLayer&cx=c&gtm=45He4b70v865888577za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6CTLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f97f5a00286031ba708e9002e73430901c6911c21d119cc6f6cac4a144b2161b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 12 Nov 2024 20:17:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132955
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 8283
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnwecorp.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6CTLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
70127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 00:48:55 GMT
expires
Wed, 12 Nov 2025 00:48:55 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8TJV7DG7P1&gtm=45Pe4b70v9122446017za200zb865888577&_p=1731442661612&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&gdid=dZTNiMT&cid=1938940886.1731442663&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731442662&sct=1&seg=0&dl=https%3A%2F%2Fnwecorp.com%2F&dt=Welcome%20-%20Nationwide%20Equities&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-W6BZBTG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nwecorp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
542 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8TJV7DG7P1&cid=1938940886.1731442663&gtm=45Pe4b70v9122446017za200zb865888577&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-W6BZBTG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nwecorp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8TJV7DG7P1&cid=1938940886.1731442663&gtm=45Pe4b70v9122446017za200zb865888577&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102077855&tag_exp=101823848~101925629~102077855&z=1760162657
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Nov 2024 20:17:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
track_visit.php
nationwideequities.ladesk.com/scripts/
511 B
284 B
Script
General
Full URL
https://nationwideequities.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=z02m437xiltu18nij2mkjtet2lq1n&S=nq97he1kkwidnmkaf96koxtcp2uau&pt=Welcome%20-%20Nationwide%20Equities&url=__S__nwecorp.com%2F&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y
Requested by
Host: nationwideequities.ladesk.com
URL: https://nationwideequities.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
22841ee04c73243dafdba0450f0448ac9dab1571adc9c01acd25e64455df0cdb
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=15, public
content-encoding
gzip
pragma
age
0
x-content-type-options
nosniff, nosniff
via
1.1 varnish (prod-ue1)
expires
Tue, 12 Nov 2024 20:17:57 GMT
accept-ranges
bytes
x-varnish
13553098
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 20:17:42 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.13
generateWidget.php
nationwideequities.ladesk.com/scripts/ Frame D79B
0
0
Document
General
Full URL
https://nationwideequities.ladesk.com/scripts/generateWidget.php?v=5.50.5.13&t=1731186846&cwid=r49hy5oo&cwrt=C&pt=Welcome%20-%20Nationwide%20Equities&ref=https%3A%2F%2Fnwecorp.com%2F
Requested by
Host: nationwideequities.ladesk.com
URL: https://nationwideequities.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nwecorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 20:17:43 GMT
expires
Wed, 01 Jan 2025 00:00:00 GMT
la-ver
5.50.5.13
last-modified
Tue, 01 Jan 2008 00:00:00 GMT
server
Apache/2.4.57 (Unix)
vary
Accept-Encoding
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff
x-varnish
11587815
pipe-gray-gradient.png
nationwideequities.ladesk.com/themes/install/_common_templates/img/cwpresets/
1011 B
1 KB
Image
General
Full URL
https://nationwideequities.ladesk.com/themes/install/_common_templates/img/cwpresets/pipe-gray-gradient.png
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
aace582508a8ec80992f3053c86486ab5b837ede2cf03a7403e5d73fe05c0b83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

vary
Accept-Encoding
etag
"3f3-625995a365c80"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
16989751
content-length
1011
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
image/png
last-modified
Tue, 29 Oct 2024 08:27:14 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.13
horizontal-white-triangle-01.png
nationwideequities.ladesk.com/themes/install/_common_templates/img/cwpresets/
1 KB
1 KB
Image
General
Full URL
https://nationwideequities.ladesk.com/themes/install/_common_templates/img/cwpresets/horizontal-white-triangle-01.png
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
512899d0b04cfd09b2437b784246d1ea41615562311554d00cf4ccf0e6937611
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

vary
Accept-Encoding
etag
"474-625995a365c80"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
11846284
content-length
1140
date
Tue, 12 Nov 2024 20:17:42 GMT
content-type
image/png
last-modified
Tue, 29 Oct 2024 08:27:14 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.13
bus.html
5.ue1.vbus.apps.ladesk.com/5_50_5_13/scripts/lib/ Frame 9485
0
0
Document
General
Full URL
https://5.ue1.vbus.apps.ladesk.com/5_50_5_13/scripts/lib/bus.html?v=5.50.5.13
Requested by
Host: nationwideequities.ladesk.com
URL: https://nationwideequities.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.196.14.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-14-45.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nwecorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
93
content-encoding
gzip
content-length
140
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 20:17:43 GMT
etag
W/"13b-6259959423880"
last-modified
Tue, 29 Oct 2024 08:26:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff
x-varnish
17642047 13159740
collect
www.google-analytics.com/j/
3 B
418 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=664027370&t=pageview&_s=1&dl=https%3A%2F%2Fnwecorp.com%2F&ul=de-de&de=UTF-8&dt=Welcome%20-%20Nationwide%20Equities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1016369486&gjid=1766980324&cid=1938940886.1731442663&tid=UA-45658048-1&_gid=1021696055.1731442663&_r=1&_slc=1&gtm=45He4b70n81WJ6CTLPv865888577za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077854&npa=1&z=512716617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://nwecorp.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://nwecorp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
1023868751573115
connect.facebook.net/signals/config/
74 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1023868751573115?v=2.9.176&r=stable&domain=nwecorp.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
2732c7cb71c14febbbea709e001956a7587916fc560e7cfcd0e1bc9cc23492dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Nj4fbVvA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 20:17:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Nj4fbVvA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=66, mss=1348, tbw=67715, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
public
x-fb-debug
7W4O5iolo1x3SLtotRcH/FCJnTlMmiwfnSpGBio8W0vqdCTzpZx7VCV975vi/QcUAPU7TX6Y2T8KmJsUyLFslg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1023868751573115&ev=PageView&dl=https%3A%2F%2Fnwecorp.com&rl=&if=false&ts=1731442663124&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1731442663120.20748815860558557&pm=1&hrl=be4463&ler=empty&cdl=API_unavailable&it=1731442662929&coo=false&cs_cc=1&rqm=GET
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1348, tbw=2959, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 20:17:43 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1023868751573115&ev=PageView&dl=https%3A%2F%2Fnwecorp.com&rl=&if=false&ts=1731442663124&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1731442663120.20748815860558557&pm=1&hrl=be4463&ler=empty&cdl=API_unavailable&it=1731442662929&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: nwecorp.com
URL: https://nwecorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436489613498029673"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 20:17:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
bMZn7XoF5C9VHK3wKKhrdWdBqS+SqAMUtMAW+2CvUsGrQnV4Fod8gNmPYTTv+y2F1Qls6E6nivCz3PKEPI1sCg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436489613498029673", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1348, tbw=3276, tp=-1, tpl=-1, uplat=185, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
cropped-favicon-32x32.png
nwecorp.com/wp-content/uploads/2021/10/
1 KB
1 KB
Other
General
Full URL
https://nwecorp.com/wp-content/uploads/2021/10/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.38.247 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7f37ab993f0a56fce7b62d6d51d3dd64eda48e8844a00b359e8e2f6456125e27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
private, max-age=2592000
referrer-policy
no-referrer-when-downgrade
expires
Thu, 12 Dec 2024 20:17:44 GMT
date
Tue, 12 Nov 2024 20:17:44 GMT
x-webp-convert-log
Serving converted file
content-type
image/webp
vary
Accept,X-Forwarded-Proto,Accept-Encoding
server
nginx
last-modified
Tue, 28 Dec 2021 17:56:50 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8TJV7DG7P1&gtm=45Pe4b70v9122446017za200zb865888577&_p=1731442661612&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&gdid=dZTNiMT&cid=1938940886.1731442663&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731442662&sct=1&seg=0&dl=https%3A%2F%2Fnwecorp.com%2F&dt=Welcome%20-%20Nationwide%20Equities&en=scroll&epn.percent_scrolled=90&_et=18&tfd=11333
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-W6BZBTG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nwecorp.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nwecorp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 20:17:47 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| regeneratorRuntime object| ccConsole function| getBrowserFingerprint boolean| ccinstalled object| a2a_config function| jQuery function| gtag object| dataLayer object| lazySizesConfig object| pum_vars object| pum_sub_vars object| pum_popups object| lazySizes object| a2a function| a2a_init object| PUM object| PUM_Accessibility object| PUM_Analytics function| pm_cookie function| pm_cookie_json function| pm_remove_cookie function| Waypoint string| ajaxurl object| pum function| FormSerializer object| bootstrap object| Modernizr object| google_tag_manager object| google_tag_data function| hashCode object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal function| init_button_r49hy5oo object| widgets number| widgetsLength object| gaplugins object| gaData

9 Cookies

Domain/Path Name / Value
nwecorp.com/ Name: LaVisitorNew
Value: Y
.nwecorp.com/ Name: LaVisitorId_bmF0aW9ud2lkZWVxdWl0aWVzLmxhZGVzay5jb20v
Value: z02m437xiltu18nij2mkjtet2lq1n
nwecorp.com/ Name: LaSID
Value: nq97he1kkwidnmkaf96koxtcp2uau
.nwecorp.com/ Name: _gcl_au
Value: 1.1.2091317855.1731442662
.nwecorp.com/ Name: _ga_8TJV7DG7P1
Value: GS1.1.1731442662.1.0.1731442662.60.0.0
.nwecorp.com/ Name: _ga
Value: GA1.2.1938940886.1731442663
.nwecorp.com/ Name: _gid
Value: GA1.2.1021696055.1731442663
.nwecorp.com/ Name: _gat_UA-45658048-1
Value: 1
.nwecorp.com/ Name: _fbp
Value: fb.1.1731442663120.20748815860558557

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5.ue1.vbus.apps.ladesk.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
nationwideequities.ladesk.com
nwecorp.com
region1.analytics.google.com
static.addtoany.com
stats.g.doubleclick.net
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nwecorp.com
134.209.38.247
142.250.185.110
142.250.185.168
142.250.185.227
142.250.186.67
157.240.253.1
157.240.253.35
172.217.16.196
172.217.18.10
172.67.39.148
18.172.112.97
18.234.10.85
216.239.34.36
34.196.14.45
64.233.166.157
0dba6571cef550fa8620c6a696968379e3d179578db239f59cefbc74e9bee6fd
0ff89e5acb09e7e41cdbbac921d6e5fc533938009a3f886705190b166c044a1f
1aae0859bd282984ed066c3bb1ede5426ced8209b36e0ec8f13f98d5ea92f8f5
1c445d2ae619f3e88627f553bd2f0e8ed5c4470d0b94624aab47c529a16cc010
1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22841ee04c73243dafdba0450f0448ac9dab1571adc9c01acd25e64455df0cdb
2732c7cb71c14febbbea709e001956a7587916fc560e7cfcd0e1bc9cc23492dd
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
43a35f2989e50e04cca73ad26e12e6226c628b09c14a4614bdf40122ff6a6b55
4510df0a5f2321275e4160d058fa3735f42ff9c5fcfd4876b5403b64def3f7c6
4fd55b67dfa8c74950a1f5ae219f97391ba2e8cb481f704750040fb8f80ab335
512899d0b04cfd09b2437b784246d1ea41615562311554d00cf4ccf0e6937611
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
59eda655b2af9936e87548893472328efa781a853b01f4aa8aa2352ec330f05e
61f8c72add16b26504130f7bac616d5d0eca91946748273a95259ca2f8cc12e6
7a812b69ffc360efe0433e70801e2896424d2f102195a805a7cd198637a98f17
7f37ab993f0a56fce7b62d6d51d3dd64eda48e8844a00b359e8e2f6456125e27
82e509e9ec9682de42d681a95932015008f7a9339b65da833b2437d4f472c7ef
86d4e3bb895e6aa3fcdf65667e60638e894f0aa5089ed8e42fed4becba550b53
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8dd51c7671ef84eedd36d7167fb0887eeac2c23c4396a087cf4f8c08334dc0d4
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
964601541a76922c4aaf65d9571dd64ca070fd6ddf909442fbbe204eda6bb5af
9820efbd16ef470fb8b301db4d4bc16896e548cde33bc0681bc41a72579e16c9
a62078429f202690e9572de95c242df21b3e27ab8f72ec73cf6454afe830f170
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aace582508a8ec80992f3053c86486ab5b837ede2cf03a7403e5d73fe05c0b83
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b0ed95185fec7963ac89c9e2c98f8a9e6c0808052088fef9440586d6ea90fedd
b411e0d531bd6c9c9a59285a3556b901bcc2cdb19f582cd27c9b30ca573cfeff
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ceb3cef0a5f894c7bf8bf167e867df717f5b6a569219b12d03e4365bcf623901
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ff150f56952d37c56bf0d2bd370ef01fa07d1000656ef9030b2566f7a7ac62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f97f5a00286031ba708e9002e73430901c6911c21d119cc6f6cac4a144b2161b
fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089