Submitted URL: http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIVlNSVl1QAw9FVQ5RWF9SR...
Effective URL: https://onboarding.nuvamawealth.com/
Submission: On February 24 via manual from IN — Scanned from DE

Summary

This website contacted 21 IPs in 6 countries across 18 domains to perform 42 HTTP transactions. The main IP is 52.222.214.54, located in United States and belongs to AMAZON-02, US. The main domain is onboarding.nuvamawealth.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 21st 2022. Valid for: a year.
This is the only time onboarding.nuvamawealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.117.197.73 396982 (GOOGLE-CL...)
7 52.222.214.54 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 142.250.74.198 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
2 3 104.16.103.139 13335 (CLOUDFLAR...)
2 104.18.72.113 13335 (CLOUDFLAR...)
4 143.204.89.73 16509 (AMAZON-02)
3 2600:9000:225... 16509 (AMAZON-02)
2 52.222.236.27 16509 (AMAZON-02)
42 21
Apex Domain
Subdomains
Transfer
11 nuvamawealth.com
onboarding.nuvamawealth.com
capsapi.nuvamawealth.com
1 MB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
8696767.fls.doubleclick.net
3 KB
3 wzrkt.com
in.wzrkt.com — Cisco Umbrella Rank: 151590
2 KB
3 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 9793
244 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 357
12 KB
2 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
11 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1803
ekr.zdassets.com — Cisco Umbrella Rank: 2092
8 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
18 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
239 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6149
563 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
137 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
136 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1186
634 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
24 KB
1 edelweiss.co.in
trans.edelweiss.co.in
311 B
42 18
Domain Requested by
7 onboarding.nuvamawealth.com onboarding.nuvamawealth.com
4 capsapi.nuvamawealth.com onboarding.nuvamawealth.com
3 in.wzrkt.com onboarding.nuvamawealth.com
3 v2.zopim.com 2 redirects onboarding.nuvamawealth.com
3 bat.bing.com onboarding.nuvamawealth.com
bat.bing.com
2 d2r1yp2w7bby2u.cloudfront.net onboarding.nuvamawealth.com
2 www.googleadservices.com 8696767.fls.doubleclick.net
www.googleadservices.com
2 www.facebook.com onboarding.nuvamawealth.com
2 www.google.de onboarding.nuvamawealth.com
8696767.fls.doubleclick.net
2 www.google.com 1 redirects onboarding.nuvamawealth.com
2 8696767.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net onboarding.nuvamawealth.com
connect.facebook.net
2 s.yimg.com onboarding.nuvamawealth.com
s.yimg.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com onboarding.nuvamawealth.com
www.googletagmanager.com
1 ekr.zdassets.com v2.zopim.com
1 static.zdassets.com onboarding.nuvamawealth.com
1 sp.analytics.yahoo.com onboarding.nuvamawealth.com
1 adservice.google.com 8696767.fls.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 code.jquery.com onboarding.nuvamawealth.com
1 trans.edelweiss.co.in 1 redirects
42 22

This site contains no links.

Subject Issuer Validity Valid
*.nuvamawealth.com
GlobalSign RSA OV SSL CA 2018
2022-10-21 -
2023-11-22
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-01-19 -
2023-03-08
2 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-03
2 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
www.google.de
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-01-03 -
2023-06-28
6 months crt.sh
zdassets.com
Cloudflare Inc ECC CA-3
2022-11-10 -
2023-11-09
a year crt.sh
in.wzrkt.com
Amazon
2022-04-06 -
2023-05-05
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh

This page contains 3 frames:

Primary Page: https://onboarding.nuvamawealth.com/
Frame ID: 6B9BE911D565D3F3E42917044BAD9AF3
Requests: 35 HTTP requests in this frame

Frame: https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
Frame ID: 8F14DB543F0A7D749ABEFAA7D2180DFD
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: BD558C08B9C6AAC891420748DA643070
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Nuvama

Page URL History Show full URLs

  1. http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIV... HTTP 302
    https://onboarding.nuvamawealth.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • v2\.zopim\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

90 %
HTTPS

57 %
IPv6

18
Domains

22
Subdomains

21
IPs

6
Countries

2115 kB
Transfer

4335 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIVlNSVl1QAw9FVQ5RWF9SRVNQUxhIHXJHWxdIV14OHwFTVAMACQADDgwFUQMBCAMGSlxDFRZeHRxMFgdaQk0GVAAPQ1VQRkEXWllIXVgeanljZHAzLD5/DFEAGkIC&fl=WkdMFBUOHkwMXgcMVUJdXFxeF1gTQldcUkBTVVsVDkpRXFVL HTTP 302
    https://onboarding.nuvamawealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://8696767.fls.doubleclick.net/activityi;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F HTTP 302
  • https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
Request Chain 23
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-F_JvHrf0CFRZnGQodBX4McQ%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D3542923751693%3Bgtm%3D45fe32m0%3Bauiddc%3D412537750.1677221026%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=olz4Y8ubLtzWmLAPtIKMuAY&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-F_JvHrf0CFRZnGQodBX4McQ%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D3542923751693%3Bgtm%3D45fe32m0%3Bauiddc%3D412537750.1677221026%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=olz4Y8ubLtzWmLAPtIKMuAY&cid=CAQSKQDUE5ymT1ciP3g98jc7cHRzoVdz_HG7TobdmGcmkk4o--BcGzepL031&random=388940416&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-F_JvHrf0CFRZnGQodBX4McQ%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D3542923751693%3Bgtm%3D45fe32m0%3Bauiddc%3D412537750.1677221026%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=olz4Y8ubLtzWmLAPtIKMuAY&cid=CAQSKQDUE5ymT1ciP3g98jc7cHRzoVdz_HG7TobdmGcmkk4o--BcGzepL031&random=388940416&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 24
  • https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 34
  • https://v2.zopim.com/w?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.334.js

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
onboarding.nuvamawealth.com/
Redirect Chain
  • http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIVlNSVl1QAw9FVQ5RWF9SRVNQUxhIHXJHWxdIV14OHwFTVAMACQADDgwFUQMBCAMGSlxDFRZeHRxMFgdaQk0GVAAPQ1VQR...
  • https://onboarding.nuvamawealth.com/
3 KB
4 KB
Document
General
Full URL
https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
f881fd7a9ee8be6acdd9cfc7f8a9a6f981198be3daf2b50b1025f31f95f30f22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
3488
content-type
text/html
date
Fri, 24 Feb 2023 06:43:45 GMT
etag
"5e9d6b72ec32d91:0"
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
vary
Accept-Encoding
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-id
iKnHc8BDEv5IM7I_JR9xbTMNElNpbR7LhUC_xfcvg5kaY85EGse8zQ==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront

Redirect headers

Content-Type
text/html
Date
Fri, 24 Feb 2023 06:43:44 GMT
Location
https://onboarding.nuvamawealth.com/
Server
nginx
Strict-Transport-Security
max-age=7200
Transfer-Encoding
chunked
Via
1.1 google
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
jquery-3.4.1.slim.min.js
code.jquery.com/
69 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://onboarding.nuvamawealth.com/
Origin
https://onboarding.nuvamawealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:45 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-1157d"
vary
Accept-Encoding
x-hw
1677221025.dop056.fr8.t,1677221025.cds290.fr8.hn,1677221025.cds326.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
2.c61ffb77.chunk.css
onboarding.nuvamawealth.com/static/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://onboarding.nuvamawealth.com/static/css/2.c61ffb77.chunk.css
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
ed5eec662b27f7c117c1536a39f5b625803802584062245468a9558fea0aa336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:45 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"e7896b72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
3790
x-amz-cf-id
59e3Tk48bsxk7uh2hetlWG-y5rgm-eUjCFcEfuhaKcaU-35fng5CeQ==
main.74beff27.chunk.css
onboarding.nuvamawealth.com/static/css/
177 KB
178 KB
Stylesheet
General
Full URL
https://onboarding.nuvamawealth.com/static/css/main.74beff27.chunk.css
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
1d495b44495409a61717a45e86717e1b860bec17610f726adcff7a500e6b7364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:45 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"97f26a72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
181655
x-amz-cf-id
IFhV5FsuKlxC7Kfkpb3UNxDMJwq4cPNirxcdReEMMBT2tWYIVzWRsg==
2.49b29dd0.chunk.js
onboarding.nuvamawealth.com/static/js/
440 KB
441 KB
Script
General
Full URL
https://onboarding.nuvamawealth.com/static/js/2.49b29dd0.chunk.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
3943ced17e3e77e5606dd8c3aa73c7405cb17b71c4ebaddb306d6b181f8ca994

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:45 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"5e9d6b72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
450843
x-amz-cf-id
v8SP6dIEyA08rU_9jAZ4ZhG6T0LpRNbddhw8n0eL_shbJzRSAioCCQ==
main.f5939583.chunk.js
onboarding.nuvamawealth.com/static/js/
586 KB
587 KB
Script
General
Full URL
https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
42f6d50e37d9f753f598b66b1bd285d568bf831fed110a625615ccf48956c156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:45 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"c486b72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
599770
x-amz-cf-id
BJe4lOHfFNvb9wP2AuklVeEE4tZq0NYj0_2NV3hTmu1IbKTCD1ZtTA==
gtm.js
www.googletagmanager.com/
296 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0c39796dd28866d18392144380ef9282457bb4a76da2d279566c933a0915c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93987
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Feb 2023 06:43:45 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 04:54:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6542
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 24 Feb 2023 06:54:44 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994734298/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994734298/?random=1677221026088&cv=11&fst=1677221026088&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&tiba=Nuvama&auid=412537750.1677221026&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09a51948fba50985c8e58868735063f2b292c2c5ab4f3792565e378c4618eb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
852
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/
16 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:42:53 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
N8M3EDPE463W1NX5
age
54
x-amz-server-side-encryption
AES256
x-amz-id-2
A8KWRTm7oWbU4DHA7DdwxGXT0OBTf73q8YQf5mLPdTOvIC2+6VwFfN38Ojs/gtxyMf8qKkYUKFo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 24 Feb 2023 06:43:45 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5BD68946403040D5ADD6FD1D2E9C5ED6 Ref B: FRAEDGE2015 Ref C: 2023-02-24T06:43:46Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8696767
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2bbc97da7502db2b56b95d4df0999e7dbbc9be11b5f87ae1228d9c68088338a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44753
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Feb 2023 06:43:46 GMT
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Feb 2023 06:43:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sVosukfHnWZhIp/tgemxqQyS5WDuFoQ5oOQSrHRWBtEiPOVZU+7YDOe5rMgzZwASBOJiBuPpoxCq91eiCgYkow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
516773232307253
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/516773232307253?v=2.9.97&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cca3d75672ed655b4231f517610d6f5cd68ed2f53cec89e625a6b35dd0c09461
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Feb 2023 06:43:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2uuYKMEh9xCVgv2yZIsrpKLRFT7XAiQWJ6ftGuTzH9kqFc8Xc1TVE1BIdt9kdGinExlFXF0sFl3+tJ5fW0p43w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
5550104.js
bat.bing.com/p/action/
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/5550104.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 24 Feb 2023 06:43:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 083F1CDE403E43BA8BE562655A337882 Ref B: FRAEDGE2015 Ref C: 2023-02-24T06:43:46Z
x-cache
CONFIG_NOCACHE
activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
8696767.fls.doubleclick.net/ Frame 8F14
Redirect Chain
  • https://8696767.fls.doubleclick.net/activityi;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
  • https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2...
1 KB
833 B
Document
General
Full URL
https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8696767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
b8e4068a6a4164748970fbcd33f0814eaf59308a94ca2d634d8e8ae35dc08ea4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
495
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 06:43:46 GMT
expires
Fri, 24 Feb 2023 06:43:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 06:43:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
10017891.json
s.yimg.com/wi/config/
2 B
486 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10017891.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
9DJY485MVHD4JQ9V
age
0
content-length
22
x-amz-id-2
bQnQR82fiJCuN6kYJa2AD+HG6VmnaSUIc8Z1cFRd2Xv4aNC8OMCDmKLfhQh9DiXfAy9KPhO75nk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
/
www.google.com/pagead/1p-user-list/994734298/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/994734298/?random=1677221026088&cv=11&fst=1677218400000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&tiba=Nuvama&fmt=3&is_vtc=1&random=2511393577&rmt_tld=0&ipr=y
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/994734298/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/994734298/?random=1677221026088&cv=11&fst=1677218400000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&tiba=Nuvama&fmt=3&is_vtc=1&random=2511393577&rmt_tld=1&ipr=y
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=516773232307253&ev=PageView&dl=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&rl=&if=false&ts=1677221026519&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677221026518.1423446833&it=1677221026132&coo=false&rqm=GET
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Feb 2023 06:43:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
conversion.js
www.googleadservices.com/pagead/ Frame 8F14
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 8696767.fls.doubleclick.net
URL: https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ab60df6b60e2d9c6eb41d43c3c97b97419384c2fde934bf655e73e59ca237b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16998
x-xss-protection
0
server
cafe
etag
6765087244414729774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Feb 2023 06:43:46 GMT
dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=*;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
adservice.google.com/ddm/fls/z/ Frame 8F14
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=*;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
Requested by
Host: 8696767.fls.doubleclick.net
URL: https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
634 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2024%20Feb%202023%2006%3A43%3A46%20GMT&n=0&b=Nuvama&.yp=10017891&f=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 24 Feb 2023 06:43:46 GMT
/
www.googleadservices.com/pagead/conversion/800386472/ Frame 8F14
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/800386472/?random=1677221026739&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-F_JvHrf0CFRZnGQodBX4McQ%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D3542923751693%3Bgtm%3D45fe32m0%3Bauiddc%3D412537750.1677221026%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a1d5044fbcb5eaca2fa1d5806d857ecf850931613bf482c4b1dd68437e8bcb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1182
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/800386472/ Frame 8F14
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
  • https://www.google.com/pagead/1p-conversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=120...
  • https://www.google.de/pagead/1p-conversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-F_JvHrf0CFRZnGQodBX4McQ%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D3542923751693%3Bgtm%3D45fe32m0%3Bauiddc%3D412537750.1677221026%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=olz4Y8ubLtzWmLAPtIKMuAY&cid=CAQSKQDUE5ymT1ciP3g98jc7cHRzoVdz_HG7TobdmGcmkk4o--BcGzepL031&random=388940416&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: 8696767.fls.doubleclick.net
URL: https://8696767.fls.doubleclick.net/activityi;dc_pre=CK-F_JvHrf0CFRZnGQodBX4McQ;src=8696767;type=invmedia;cat=edelw000;ord=3542923751693;gtm=45fe32m0;auiddc=412537750.1677221026;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Feb 2023 06:43:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/800386472/?random=190111222&cv=9&fst=1677221026739&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-F_JvHrf0CFRZnGQodBX4McQ%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D3542923751693%3Bgtm%3D45fe32m0%3Bauiddc%3D412537750.1677221026%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=olz4Y8ubLtzWmLAPtIKMuAY&cid=CAQSKQDUE5ymT1ciP3g98jc7cHRzoVdz_HG7TobdmGcmkk4o--BcGzepL031&random=388940416&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
  • https://static.zdassets.com/ekr/asset_composer.js
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:47 GMT
x-amz-version-id
57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KXD0Q38HQ9B8HZ6T
age
16
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
uDy3kEFdQIOdTXYEc+nfT1ZtqpFsXAQ18Hu9c/1P/vGgVXtZg/maWal5FIy4oGV3KFetNXD1GM/ffZY7NXY5uw==
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsFDamyeFetgvqgaOtqFWUJ9SK9bbuw%2FQlMvCjR0WvTkoO4P9IV3NbL8XrlvQ33XZ0z9GLeFHs44x9mDgVMOz39WCT2U40xiSiCzn2HDZmqSB5zDA8pkHaJg6SmpkOV7ZOF954Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
79e63a9f2acd35eb-FRA

Redirect headers

location
https://static.zdassets.com/ekr/asset_composer.js
date
Fri, 24 Feb 2023 06:43:47 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
cloudflare
cf-ray
79e63a9efcc99a33-FRA
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
Nuvama_Identity_RGB_Positive.607aa283.jpg
onboarding.nuvamawealth.com/static/media/
90 KB
90 KB
Image
General
Full URL
https://onboarding.nuvamawealth.com/static/media/Nuvama_Identity_RGB_Positive.607aa283.jpg
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
334792603e185228465fe1600d535be07b105133ea2b84c3df86f4d120dd1b07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:47 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"8f846672ec32d91:0"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
91886
x-amz-cf-id
92SSBfAK7P9gn9tHXObhc8girtsthz6IcBSthN6p572BHZR_0Jiijg==
regBanner.61a6dd18.jpeg
onboarding.nuvamawealth.com/static/media/
0
0

GetCity
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/ Frame
0
0
Preflight
General
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/GetCity
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-73.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
GET
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
api-key,content-type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
date
Fri, 24 Feb 2023 06:43:47 GMT
server
Microsoft-IIS/8.5
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id
lbeXMeAz6RQfmZ-atNk69GWO5qe9ahGRWsvYFzySMhX7uZxJB8QgiA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
GetCity
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/
784 KB
130 KB
Fetch
General
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/GetCity
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-73.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4d5823cae31104e8110e7f664af2694847c54cb0d1b1cbe4b146dbb58a0a62d2

Request headers

Referer
https://onboarding.nuvamawealth.com/
api-key
c41121ed-b6fb-c9a6-bc9b-574c82929e7e
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 22:19:40 GMT
content-encoding
br
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA50-C1
age
30248
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
mXW1-Rz3hGHILrogNfx6uBCb6HqFcYt0vl0aA_F2U24L8pjTJ6_dIg==
Errormessages
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/
7 KB
2 KB
Fetch
General
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/Errormessages
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-73.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c65ae43341647b2a18074905d205535bae98322f0c21d89b23888d1d588733a0

Request headers

Referer
https://onboarding.nuvamawealth.com/
api-key
c41121ed-b6fb-c9a6-bc9b-574c82929e7e
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Feb 2023 06:43:47 GMT
content-encoding
br
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
I4tb_OsQapDbW-WDV1VlMsoTXCRafmYxfGjfMXkAA2JrkrCDflBuUQ==
clevertap.js
onboarding.nuvamawealth.com/lib/
42 KB
43 KB
Script
General
Full URL
https://onboarding.nuvamawealth.com/lib/clevertap.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
9cc4ec8ad664968577c80aa7105c2d2e849906fa95b8b8c92004c80f18f2692f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:47 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Wed, 15 Dec 2021 09:58:11 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"6e6be9449af1d71:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
43433
x-amz-cf-id
zkdcb6SUXdTdr_GfPqHXz06p1cMz0PnHe2JWhxL0doFv4n2dcF95xw==
Errormessages
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/ Frame
0
0
Preflight
General
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/Errormessages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-73.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
POST
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
api-key,content-type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
date
Fri, 24 Feb 2023 06:43:47 GMT
server
Microsoft-IIS/8.5
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id
lcV-g7xVO9OsD1WCu9hiJd289H5ImXIAErkSJrcQnXcM3p-WyzYWuA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5550104&Ver=2&mid=9c617a55-ca27-42a1-86c4-59b34af36ab6&sid=9722ba30b40e11ed8886fb0796e72b68&vid=9722c0a0b40e11ed8c86993c7f6c23e4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Nuvama&p=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&r=&lt=2842&evt=pageLoad&sv=1&rn=223384
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Feb 2023 06:43:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A9DA2829CA64BE18B064B8956C5182C Ref B: FRAEDGE2015 Ref C: 2023-02-24T06:43:47Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
ekr.zdassets.com/compose/zopim_chat/
193 B
1003 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/zopim_chat/41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb0e234d1e9f5a9cdf9d4a2deff29d9bbd1729826ac477f418a8055736c0c26e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:47 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
79e63a9f7f262c1a-SEA, 79e63a9f7f262c1a-SEA
x-runtime
0.002565
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"bb0e234d1e9f5a9cdf9d4a2deff29d9b"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdkWdQc9xrMEIgDJ8va7WOwJvKNNBYS74Ot0WT7qCZi1yNPsw%2Bw2trHxSkQIkLG3spN4o90ne4xB10YGjgGOQcnU7i1DZvsAZfrId3DcExs6yjiqupHg%2FHMuy94BIorgxDA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
79e63a9f7f262c1a-FRA
widget_v2.334.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/w?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
  • https://v2.zopim.com/bin/v/widget_v2.334.js
1 MB
244 KB
Script
General
Full URL
https://v2.zopim.com/bin/v/widget_v2.334.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Server
104.16.103.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fd53c6a8ac1f66c4166ec099766a4cff3eb93f3ab1a4d51e60cbdcc1a86ff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:43:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Jul 2022 03:35:19 GMT
server
cloudflare
age
1312168
etag
W/"62e0b277-10301f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
79e63aa0cee09a33-FRA
expires
Mon, 21 Feb 2033 06:43:47 GMT

Redirect headers

date
Fri, 24 Feb 2023 06:43:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"62e9bace-0"
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.334.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
79e63aa0aec29a33-FRA
content-length
0
expires
Fri, 24 Feb 2023 10:43:47 GMT
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=516773232307253&ev=Microdata&dl=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&rl=&if=false&ts=1677221028024&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nuvama%22%2C%22meta%3Adescription%22%3A%22Nuvama%20Account%20Opening%20Application%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677221026518.1423446833&it=1677221026132&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Feb 2023 06:43:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame BD55
13 KB
13 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Referer
Origin
https://onboarding.nuvamawealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff
a
in.wzrkt.com/
316 B
833 B
Script
General
Full URL
https://in.wzrkt.com/a?t=94&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIAGwBpAJwBaEQHUA7BNkAWAKwAtEASgBzBAEYuQAAA%3D&optOut=false&rn=1&i=1677221028&sn=0&r=1677221028337
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d000:16:152c:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
46ac29e6f6472f3575be1c17c6844e7c555f4b6f82dd378fb985f09c36d9974d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 06:43:48 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
jeiYZqcPIwstihfToeaCIDLJG1BoThB8KyI3Uof3SsVpFpnltqs15A==
Expires
0
a
in.wzrkt.com/
268 B
822 B
Script
General
Full URL
https://in.wzrkt.com/a?t=94&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ci%2BMA7gPoCCAxvQPYCuG1A8rGgJZoDmAAgA%2BggDIxCAE2oAFQvxgjBAZTAwo1NYQBOmHCjAARQmEIJQAUVQYipBCAo0GzNmE7c%2BQ0ROlyFSqJqGlpmetggAKoAKgCyWhyRAEoAwpYOETHxsZZGAJKRsRk4WdQptLGytHkA4vjFICksOjroYPKKDgAWYGBQAM7wAPRDTGgARky6Ul4AdGgsyCSElJIANmBds8zEQxGya6YAZkw6xA4A6jDj%2FTzq1EYw%2FQDWYExQIAC%2BODxSDgBsAGkAJwAWkBFwA7KDIQAWACsAC0IlB%2BAgAIw4C6IpKAsoVWQWECUYgfeAABhwYDW9AQAG0ALqfT5AAA%3D%3D&rn=2&i=1677221028&sn=0&gc=82346b9b763c4580b1bda15661b6c248&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHUBGMAUwEUBBAEUvIFV0sATCAFwGc4AGFgCx5YAbnCJZIXeMAAEAX0w5m%2BAGwBpAJwBaVQQDsm3QBYArAgWl2k3iABOl0ct26ATM6LdnADllAA%3D&r=1677221028542
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d000:16:152c:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
822d3b553942b10a90b0603e1edfed2fc47af1050286a1a3a680ba2634848798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 06:43:48 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
Y4qZx6cPRDQO1N3KfHn7Lg9X39FB1ch1BCsSlAxhMy9Ke3sQC2N4QQ==
Expires
0
a
in.wzrkt.com/
303 B
848 B
Script
General
Full URL
https://in.wzrkt.com/a?t=94&type=page&d=N4IglgJiBcIGwGkCcBaBB1A7CzAWArAFogA0IADgOYwCMZAxlTCABYAub5AztAPS8B7AHYAjAQEMAThDBDKAOiEBXAG7iAtuIDuAU3EAbNi3n0B63qRDpCAJQQB9AMIBBALIAFGKC3ryMAAxkbPr0MADaALoAvlFAAA%3D&rn=3&i=1677221028&sn=1&gc=82346b9b763c4580b1bda15661b6c248&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHUBGMAUwEUBBAEUvIFV0sATCAFwGc4AGFgCx5YAbnCJZIXeMAAEAX0w5m%2BAGwBpAJwBaVQQDsm3QBYArAgWl2k3iABOl0ct26ATM6LdnADllAA%3D&r=1677221028545
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d000:16:152c:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9592a1fa3ce147f76d4b53cf8b848f93ef50f42c790c4dc90337d016bebc7f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 06:43:48 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
CLEx0Xq2Xope45GEhpT0D3WsdxbGdkqOEE4LLU3EUMMEcedkTXeVow==
Expires
0
wzrk_dialog.min.js
d2r1yp2w7bby2u.cloudfront.net/js/
5 KB
2 KB
Script
General
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/wzrk_dialog.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5a31e088ca5323f5198d7a8642d71c8f98f28fe4c3602dd6dec3d6050cddba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 06:39:20 GMT
Content-Encoding
gzip
Via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P4
Age
270
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 02 Feb 2023 10:21:09 GMT
Server
AmazonS3
ETag
W/"d88c7f215ede5f1df721205a700d563e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800, private
X-Amz-Cf-Id
wJiwm0FjbD3vsb3GQaWNcmAmVp2IVb6FwdujAwWLkdePLTAbSNo3ew==
PB_CT_new.png
d2r1yp2w7bby2u.cloudfront.net/js/
8 KB
9 KB
Image
General
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/PB_CT_new.png
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5815f8715aa038803c4aa101915b811fdc1e935fe4617a0da7a4f6586775071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 06:42:34 GMT
Via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P4
Age
77
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8497
Last-Modified
Thu, 02 Feb 2023 10:21:13 GMT
Server
AmazonS3
ETag
"178040ad9cf7040646d09a3a33c5ac4a"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=1800, private
Accept-Ranges
bytes
X-Amz-Cf-Id
CK-yhYlll1qv0BCtTaw64ZOaeKVcolgtuUOQXuklHGMtJCgXxWEZYA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onboarding.nuvamawealth.com
URL
https://onboarding.nuvamawealth.com/static/media/regBanner.61a6dd18.jpeg

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery object| dataLayer object| clevertap boolean| refreshKeyPressed boolean| modifierPressed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| createCookie function| readCookie function| eraseCookie object| dotq object| uetq function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_677dab06ad function| gtag object| YAHOO object| gaplugins object| gaGlobal object| gaData object| webpackJsonpao_ecosystem object| regeneratorRuntime function| $zopim function| getCookie function| getCookie1 boolean| trafficsrc string| URL1 string| ref function| getQueryVariable string| src1 string| med1 string| cam1 boolean| uat_present undefined| ref1 undefined| search_engine function| onYouTubeIframeAPIReady object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded object| wizrocket object| $WZRK_WR object| $CLTP_WR object| wzrkPermissionPopup

19 Cookies

Domain/Path Name / Value
.nuvamawealth.com/ Name: _gcl_au
Value: 1.1.412537750.1677221026
.nuvamawealth.com/ Name: _ga
Value: GA1.2.2103247390.1677221026
.nuvamawealth.com/ Name: _gid
Value: GA1.2.1914904007.1677221026
.nuvamawealth.com/ Name: _fbp
Value: fb.1.1677221026518.1423446833
.doubleclick.net/ Name: IDE
Value: AHWqTUl4-djMZ9ANcdqVhR2WiyJW3If6QldvPqc-T1FPGzSsH6rf6CY93a6p-5f-oVE
.yahoo.com/ Name: A3
Value: d=AQABBKJc-GMCEBvBqhQNTdaRStDXQHg3IYMFEgEBAQGu-WMCZAAAAAAA_eMAAA&S=AQAAAq5WFmcXi-JJQXDaTXg6YaM
.nuvamawealth.com/ Name: _uetsid
Value: 9722ba30b40e11ed8886fb0796e72b68
.nuvamawealth.com/ Name: _uetvid
Value: 9722c0a0b40e11ed8c86993c7f6c23e4
onboarding.nuvamawealth.com/ Name: LP
Value: https://onboarding.nuvamawealth.com/
onboarding.nuvamawealth.com/ Name: trafficsource
Value: Direct|Not set|
onboarding.nuvamawealth.com/ Name: source
Value: Direct
onboarding.nuvamawealth.com/ Name: medium
Value: Not set
onboarding.nuvamawealth.com/ Name: campaign
Value:
onboarding.nuvamawealth.com/ Name: platform
Value: undefined
.bing.com/ Name: MUID
Value: 3FB24C0F437E6B9A19945ECD42AC6A9C
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: lfTFO4KqecCblO6Wrf6FK4OE+muc5c6ARuX17nfRQgOUNzTjF1wgze2kYQbH1msvUpSniJDQU/dVz2i7sRhJdOtdttEaBJhluAuJVzKC/om4FO9TSqbSb8CgxaX3
.nuvamawealth.com/ Name: __zlcmid
Value: 1EalcqBOqgK2qbr
.nuvamawealth.com/ Name: WZRK_G
Value: 82346b9b763c4580b1bda15661b6c248
.nuvamawealth.com/ Name: WZRK_S_6K9-KW7-745Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1677221028%2C%22t%22%3A1677221028%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8696767.fls.doubleclick.net
adservice.google.com
bat.bing.com
capsapi.nuvamawealth.com
code.jquery.com
connect.facebook.net
d2r1yp2w7bby2u.cloudfront.net
ekr.zdassets.com
googleads.g.doubleclick.net
in.wzrkt.com
onboarding.nuvamawealth.com
s.yimg.com
sp.analytics.yahoo.com
static.zdassets.com
trans.edelweiss.co.in
v2.zopim.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
onboarding.nuvamawealth.com
104.16.103.139
104.18.72.113
142.250.186.162
142.250.74.198
143.204.89.73
2001:4de0:ac18::1:a:3a
212.82.100.181
2600:9000:2250:d000:16:152c:ba40:93a1
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:400d:80c::2004
2a00:1450:400d:80d::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.117.197.73
52.222.214.54
52.222.236.27
09a51948fba50985c8e58868735063f2b292c2c5ab4f3792565e378c4618eb36
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1d495b44495409a61717a45e86717e1b860bec17610f726adcff7a500e6b7364
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
334792603e185228465fe1600d535be07b105133ea2b84c3df86f4d120dd1b07
3943ced17e3e77e5606dd8c3aa73c7405cb17b71c4ebaddb306d6b181f8ca994
42f6d50e37d9f753f598b66b1bd285d568bf831fed110a625615ccf48956c156
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46ac29e6f6472f3575be1c17c6844e7c555f4b6f82dd378fb985f09c36d9974d
4d5823cae31104e8110e7f664af2694847c54cb0d1b1cbe4b146dbb58a0a62d2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
822d3b553942b10a90b0603e1edfed2fc47af1050286a1a3a680ba2634848798
84fd53c6a8ac1f66c4166ec099766a4cff3eb93f3ab1a4d51e60cbdcc1a86ff4
9592a1fa3ce147f76d4b53cf8b848f93ef50f42c790c4dc90337d016bebc7f17
9cc4ec8ad664968577c80aa7105c2d2e849906fa95b8b8c92004c80f18f2692f
a0c39796dd28866d18392144380ef9282457bb4a76da2d279566c933a0915c1a
a1d5044fbcb5eaca2fa1d5806d857ecf850931613bf482c4b1dd68437e8bcb76
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
ab60df6b60e2d9c6eb41d43c3c97b97419384c2fde934bf655e73e59ca237b41
b2bbc97da7502db2b56b95d4df0999e7dbbc9be11b5f87ae1228d9c68088338a
b5a31e088ca5323f5198d7a8642d71c8f98f28fe4c3602dd6dec3d6050cddba2
b8e4068a6a4164748970fbcd33f0814eaf59308a94ca2d634d8e8ae35dc08ea4
bb0e234d1e9f5a9cdf9d4a2deff29d9bbd1729826ac477f418a8055736c0c26e
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c65ae43341647b2a18074905d205535bae98322f0c21d89b23888d1d588733a0
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cca3d75672ed655b4231f517610d6f5cd68ed2f53cec89e625a6b35dd0c09461
d5815f8715aa038803c4aa101915b811fdc1e935fe4617a0da7a4f6586775071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5eec662b27f7c117c1536a39f5b625803802584062245468a9558fea0aa336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f881fd7a9ee8be6acdd9cfc7f8a9a6f981198be3daf2b50b1025f31f95f30f22