urlscan.io logo urlscan.io
SecurityTrails logo

onboarding.nuvamawealth.com Open in urlscan Pro
52.222.214.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIVlNSVl1QAw9FVQ5RWF9SR...
Effective URL: https://onboarding.nuvamawealth.com/
Submission: On February 24 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 43 HTTP transactions. The main IP is 52.222.214.54, located in United States and belongs to AMAZON-02, US. The main domain is onboarding.nuvamawealth.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 21st 2022. Valid for: a year.
This is the only time onboarding.nuvamawealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.117.197.73 396982 (GOOGLE-CL...)
8 52.222.214.54 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2 142.250.185.230 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 172.217.18.2 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
2 4 104.16.107.139 13335 (CLOUDFLAR...)
2 104.18.70.113 13335 (CLOUDFLAR...)
4 143.204.89.123 16509 (AMAZON-02)
3 2600:9000:225... 16509 (AMAZON-02)
2 52.222.236.55 16509 (AMAZON-02)
43 20
1    34.117.197.73 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 73.197.117.34.bc.googleusercontent.com
trans.edelweiss.co.in
8    52.222.214.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-54.fra56.r.cloudfront.net
onboarding.nuvamawealth.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
2    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
8696767.fls.doubleclick.net
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
www.googleadservices.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
4    104.16.107.139 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
2    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
4    143.204.89.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-123.fra50.r.cloudfront.net
capsapi.nuvamawealth.com
3    2600:9000:2250:2400:16:152c:ba40:93a1 (United States)

ASN16509 (AMAZON-02, US)
in.wzrkt.com
2    52.222.236.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-55.fra56.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
Apex Domain
Subdomains		 Transfer
12 nuvamawealth.com
onboarding.nuvamawealth.com
capsapi.nuvamawealth.com
3 MB
4 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 9793
245 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
8696767.fls.doubleclick.net
3 KB
3 wzrkt.com
in.wzrkt.com — Cisco Umbrella Rank: 151590
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 357
12 KB
2 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
11 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1803
ekr.zdassets.com — Cisco Umbrella Rank: 2092
8 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
18 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
239 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6149
563 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
136 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
136 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1186
633 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
24 KB
1 edelweiss.co.in
trans.edelweiss.co.in
311 B
43 18
Domain Requested by
8 onboarding.nuvamawealth.com onboarding.nuvamawealth.com
4 capsapi.nuvamawealth.com onboarding.nuvamawealth.com
4 v2.zopim.com 2 redirects onboarding.nuvamawealth.com
3 in.wzrkt.com onboarding.nuvamawealth.com
3 bat.bing.com onboarding.nuvamawealth.com
bat.bing.com
2 d2r1yp2w7bby2u.cloudfront.net onboarding.nuvamawealth.com
2 www.googleadservices.com 8696767.fls.doubleclick.net
www.googleadservices.com
2 www.facebook.com onboarding.nuvamawealth.com
2 www.google.de onboarding.nuvamawealth.com
8696767.fls.doubleclick.net
2 www.google.com 1 redirects onboarding.nuvamawealth.com
2 8696767.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net onboarding.nuvamawealth.com
connect.facebook.net
2 s.yimg.com onboarding.nuvamawealth.com
s.yimg.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com onboarding.nuvamawealth.com
www.googletagmanager.com
1 ekr.zdassets.com v2.zopim.com
1 static.zdassets.com onboarding.nuvamawealth.com
1 sp.analytics.yahoo.com onboarding.nuvamawealth.com
1 adservice.google.com 8696767.fls.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 code.jquery.com onboarding.nuvamawealth.com
1 trans.edelweiss.co.in 1 redirects
43 22

This site contains no links.

Subject Issuer Validity Valid
*.nuvamawealth.com
GlobalSign RSA OV SSL CA 2018		 2022-10-21 -
2023-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-19 -
2023-03-08		 2 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-03		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
zdassets.com
Cloudflare Inc ECC CA-3		 2022-11-10 -
2023-11-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-30 -
2023-05-30		 a year crt.sh
in.wzrkt.com
Amazon		 2022-04-06 -
2023-05-05		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh

This page contains 4 frames:

Primary Page: https://onboarding.nuvamawealth.com/
Frame ID: ACA2A7A96AADEC44B3ABB5400307091D
Requests: 35 HTTP requests in this frame

Frame: https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
Frame ID: 382D28DC64A5B4FBD60DE9FAFB578BF0
Requests: 5 HTTP requests in this frame

Frame: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Frame ID: 680C0E8B8A49463F946C41E869C3A011
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: EF188422F24CCC462DE7CC8126AAC489
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nuvama

Page URL History Show full URLs

  1. http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIV... HTTP 302
    https://onboarding.nuvamawealth.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • v2\.zopim\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

93 %
HTTPS

55 %
IPv6

18
Domains

22
Subdomains

20
IPs

6
Countries

3837 kB
Transfer

6055 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIVlNSVl1QAw9FVQ5RWF9SRVNQUxhIHXJHWxdIV14OHwFTVAMACQADDgwFUQMBCAMGSlxDFRZeHRxMFgdaQk0GVAAPQ1VQRkEXWllIXVgeanljZHAzLD5/DFEAGkIC&fl=WkdMFBUOHkwMXgcMVUJdXFxeF1gTQldcUkBTVVsVDkpRXFVL HTTP 302
    https://onboarding.nuvamawealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://8696767.fls.doubleclick.net/activityi;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F HTTP 302
  • https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
Request Chain 23
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXi8uaTrf0CFY2wUQodKzoK4w%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D8135014514399%3Bgtm%3D45fe32m0%3Bauiddc%3D506151258.1677207225%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=uSb4Y6_ZCPWO9u8PrLewuAg&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXi8uaTrf0CFY2wUQodKzoK4w%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D8135014514399%3Bgtm%3D45fe32m0%3Bauiddc%3D506151258.1677207225%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uSb4Y6_ZCPWO9u8PrLewuAg&cid=CAQSKQDUE5ym7YGsx4m6wyFl10NcRPOsGHKGwwdWi1of1A2xNIZ_QZbaOSrZ&random=3414234323&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXi8uaTrf0CFY2wUQodKzoK4w%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D8135014514399%3Bgtm%3D45fe32m0%3Bauiddc%3D506151258.1677207225%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uSb4Y6_ZCPWO9u8PrLewuAg&cid=CAQSKQDUE5ym7YGsx4m6wyFl10NcRPOsGHKGwwdWi1of1A2xNIZ_QZbaOSrZ&random=3414234323&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 24
  • https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 35
  • https://v2.zopim.com/w?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.334.js

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onboarding.nuvamawealth.com/
Redirect Chain
  • http://trans.edelweiss.co.in/YNUPGRJZM?id=25974=cU8IVFQBCFRXTFZVAQgKDAcLWgcHUg4CVlQBA1QCB1ECAQBRUAYGVlQIVlNSVl1QAw9FVQ5RWF9SRVNQUxhIHXJHWxdIV14OHwFTVAMACQADDgwFUQMBCAMGSlxDFRZeHRxMFgdaQk0GVAAPQ1VQR...
  • https://onboarding.nuvamawealth.com/
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
f881fd7a9ee8be6acdd9cfc7f8a9a6f981198be3daf2b50b1025f31f95f30f22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
3488
content-type
text/html
date
Fri, 24 Feb 2023 02:53:44 GMT
etag
"5e9d6b72ec32d91:0"
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
vary
Accept-Encoding
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-id
341Xi_3qtyVE5WHAmHmPnqxNG0EtrsuF_Y4CeTPHi8KRegS6JWFoXQ==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront

Redirect headers

Content-Type
text/html
Date
Fri, 24 Feb 2023 02:53:44 GMT
Location
https://onboarding.nuvamawealth.com/
Server
nginx
Strict-Transport-Security
max-age=7200
Transfer-Encoding
chunked
Via
1.1 google
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://onboarding.nuvamawealth.com/
Origin
https://onboarding.nuvamawealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-1157d"
vary
Accept-Encoding
x-hw
1677207224.dop267.fr8.t,1677207224.cds227.fr8.hn,1677207224.cds326.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
2.c61ffb77.chunk.css
onboarding.nuvamawealth.com/static/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/css/2.c61ffb77.chunk.css
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
ed5eec662b27f7c117c1536a39f5b625803802584062245468a9558fea0aa336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"e7896b72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
3790
x-amz-cf-id
JXn770tJEev3e8Fv7p_yBWIRRltWpgCL98M-7o1o0pzh1RGQjz5esQ==
main.74beff27.chunk.css
onboarding.nuvamawealth.com/static/css/ 		177 KB
178 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/css/main.74beff27.chunk.css
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
1d495b44495409a61717a45e86717e1b860bec17610f726adcff7a500e6b7364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"97f26a72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
181655
x-amz-cf-id
teZiyBXgJvv8Pq5lL5xx5pMhZrOFUIoiNrSBfpGSTKujSDKS0QAweQ==
2.49b29dd0.chunk.js
onboarding.nuvamawealth.com/static/js/ 		440 KB
441 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/js/2.49b29dd0.chunk.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
3943ced17e3e77e5606dd8c3aa73c7405cb17b71c4ebaddb306d6b181f8ca994

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"5e9d6b72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
450843
x-amz-cf-id
KK2Fy5B0N2XqsSE9FzfArzGt6KmEYcTPdxEmdav8mOrWYTMKMJPvew==
main.f5939583.chunk.js
onboarding.nuvamawealth.com/static/js/ 		586 KB
587 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
42f6d50e37d9f753f598b66b1bd285d568bf831fed110a625615ccf48956c156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"c486b72ec32d91:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
599770
x-amz-cf-id
BkXf64XIKYjuPaWOJlG3DUE-8nEHv-chxDJXPe6MbpUfbbuMYiwpvQ==
gtm.js
www.googletagmanager.com/ 		296 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b769774ce2aefaef75b0f125cc78c8fe7e4675557d358a3d499f8da08ada571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93985
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:24:32 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Feb 2023 02:53:44 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 02:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2334
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 24 Feb 2023 04:14:50 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994734298/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994734298/?random=1677207224823&cv=11&fst=1677207224823&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&tiba=Nuvama&auid=506151258.1677207225&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfe8941b9a1edcc657f42f47fd803a2440c4ea0566979488ab2cc61380e0f995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
851
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:23 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
1XCM3PNVA5N7N2DP
age
22
x-amz-server-side-encryption
AES256
x-amz-id-2
tiXqAdEuwef1sLVQ/ZoaQnOB6dE5BQlAUdDbLhmP9EkXBM6teQvefjdXwNs3ZiVm8UESUeZARyFe8h+MSt0yaw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 24 Feb 2023 02:53:44 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BBCBD70A0E4749198A68EDCFEB6892E5 Ref B: FRA31EDGE0708 Ref C: 2023-02-24T02:53:44Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8696767
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2cc24a09986d6073472255b691b5557171b0dcac2ee4d6502c1e3e86216cc93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44757
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:24:32 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Feb 2023 02:53:44 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Feb 2023 02:53:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
3RNmE1VtDpjwQ19TROsUJCX7gMEdfX6xqfHLMJT2ryw60TwE8WRuEZ/K8hHecY8XgIwErZqO+TgvZHeeRNAyTg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
8696767.fls.doubleclick.net/ Frame 382D
Redirect Chain
  • https://8696767.fls.doubleclick.net/activityi;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
  • https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2...
1 KB
832 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8696767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
9bf8557b926def5cd339ce7609924c262b3d9fc6bfd01758d7c973e5339859d6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
494
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 02:53:45 GMT
expires
Fri, 24 Feb 2023 02:53:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 02:53:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
516773232307253
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/516773232307253?v=2.9.97&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cca3d75672ed655b4231f517610d6f5cd68ed2f53cec89e625a6b35dd0c09461
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Feb 2023 02:53:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pdFvbtq3Be2uy96nkJrDXaIHOj6bqohPzGyqUdjoqPnNsd9FxoHZPPLQ71Jdm0pPvrutOMiJKOH9q93YYBgViw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
5550104.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5550104.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 24 Feb 2023 02:53:44 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7D24FD28B0274E02BFDA3A733F069BF7 Ref B: FRA31EDGE0708 Ref C: 2023-02-24T02:53:44Z
x-cache
CONFIG_NOCACHE
10017891.json
s.yimg.com/wi/config/ 		2 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10017891.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
9SHMJEF9NXF62YTM
age
3
content-length
22
x-amz-id-2
M2Xcz2RWLWTZHkuJhiopWpsXSEWowrRCDgdJyzrYfKmRd3HHq/GwsIas9rQPTLGIkEj2Pyjm/RR7RzZiLerOTA==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
/
www.google.com/pagead/1p-user-list/994734298/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994734298/?random=1677207224823&cv=11&fst=1677204000000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&tiba=Nuvama&fmt=3&is_vtc=1&random=2299220555&rmt_tld=0&ipr=y
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/994734298/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/994734298/?random=1677207224823&cv=11&fst=1677204000000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&tiba=Nuvama&fmt=3&is_vtc=1&random=2299220555&rmt_tld=1&ipr=y
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=516773232307253&ev=PageView&dl=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&rl=&if=false&ts=1677207225016&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677207225015.293193637&it=1677207224923&coo=false&rqm=GET
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Feb 2023 02:53:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
conversion.js
www.googleadservices.com/pagead/ Frame 382D 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 8696767.fls.doubleclick.net
URL: https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ab60df6b60e2d9c6eb41d43c3c97b97419384c2fde934bf655e73e59ca237b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16998
x-xss-protection
0
server
cafe
etag
6765087244414729774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Feb 2023 02:53:45 GMT
dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=*;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
adservice.google.com/ddm/fls/z/ Frame 382D 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=*;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F
Requested by
Host: 8696767.fls.doubleclick.net
URL: https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2024%20Feb%202023%2002%3A53%3A45%20GMT&n=0&b=Nuvama&.yp=10017891&f=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 24 Feb 2023 02:53:45 GMT
/
www.googleadservices.com/pagead/conversion/800386472/ Frame 382D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/800386472/?random=1677207225131&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXi8uaTrf0CFY2wUQodKzoK4w%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D8135014514399%3Bgtm%3D45fe32m0%3Bauiddc%3D506151258.1677207225%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
589f71b2c407a5284ac96c6af6e4ae64074b24ed060e0d7d818c6089cae4f430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1186
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/800386472/ Frame 382D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
  • https://www.google.com/pagead/1p-conversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=12...
  • https://www.google.de/pagead/1p-conversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=120...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXi8uaTrf0CFY2wUQodKzoK4w%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D8135014514399%3Bgtm%3D45fe32m0%3Bauiddc%3D506151258.1677207225%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uSb4Y6_ZCPWO9u8PrLewuAg&cid=CAQSKQDUE5ym7YGsx4m6wyFl10NcRPOsGHKGwwdWi1of1A2xNIZ_QZbaOSrZ&random=3414234323&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: 8696767.fls.doubleclick.net
URL: https://8696767.fls.doubleclick.net/activityi;dc_pre=CNXi8uaTrf0CFY2wUQodKzoK4w;src=8696767;type=invmedia;cat=edelw000;ord=8135014514399;gtm=45fe32m0;auiddc=506151258.1677207225;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F?
Protocol
H2
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8696767.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Feb 2023 02:53:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/800386472/?random=1273336366&cv=9&fst=1677207225131&num=1&npa=1&label=kqBBCMrtpYgDEKjb0_0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8696767.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXi8uaTrf0CFY2wUQodKzoK4w%3Bsrc%3D8696767%3Btype%3Dinvmedia%3Bcat%3Dedelw000%3Bord%3D8135014514399%3Bgtm%3D45fe32m0%3Bauiddc%3D506151258.1677207225%3B~oref%3Dhttps%253A%252F%252Fonboarding.nuvamawealth.com%252F%3F&ref=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uSb4Y6_ZCPWO9u8PrLewuAg&cid=CAQSKQDUE5ym7YGsx4m6wyFl10NcRPOsGHKGwwdWi1of1A2xNIZ_QZbaOSrZ&random=3414234323&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
  • https://static.zdassets.com/ekr/asset_composer.js
23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
x-amz-version-id
57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
SJFE11F2VBQ0FR08
age
26
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
weoZO/ehm8ZJJbyDKYC/7MZFwTUKOQ6cnq/QUsslvwS9xH+LaWPrA7dacdYre81GAy+1ScA92WA=
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Axy3XjhCdAn4%2FHo5sZV6Q9oaHA4dmf5708Ye8NZSi49swLhCkrQywnf0RAHsbTr1foiaOY%2FDUftdzKh1HwTMNPFSm9OPsaVN72xIFF3qUB%2BDpc33qDG6LVZ73SZ7UDbofGXiMn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
79e4e9ae597e2c02-FRA

Redirect headers

location
https://static.zdassets.com/ekr/asset_composer.js
date
Fri, 24 Feb 2023 02:53:46 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
cloudflare
cf-ray
79e4e9ae1bff3643-FRA
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
Nuvama_Identity_RGB_Positive.607aa283.jpg
onboarding.nuvamawealth.com/static/media/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.nuvamawealth.com/static/media/Nuvama_Identity_RGB_Positive.607aa283.jpg
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
334792603e185228465fe1600d535be07b105133ea2b84c3df86f4d120dd1b07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"8f846672ec32d91:0"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
91886
x-amz-cf-id
Ll3U9DRpT9qupS8dnyEL0P407wSrm-gSrtid8k-dmPO7-R6UO8AtWg==
regBanner.61a6dd18.jpeg
onboarding.nuvamawealth.com/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.nuvamawealth.com/static/media/regBanner.61a6dd18.jpeg
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
5f4bffb30dae62c3c4a5d9c0138e73279a787cfa1661f7b3829e43ba700d4635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 07:45:09 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"2dbd6672ec32d91:0"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1760353
x-amz-cf-id
bNuMsJtyyj20razjMNBC7r2xrfqNXzzj8GpJRBJM_s59f2OsUSZ6-g==
GetCity
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/GetCity
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-123.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
GET
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
api-key,content-type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
date
Fri, 24 Feb 2023 02:53:46 GMT
server
Microsoft-IIS/8.5
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-id
eDccaImuygbQ1LZcltxNOetyx85x5UF9TA7Mfhy9Y31JoggNCLdkyw==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
GetCity
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/ 		784 KB
130 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/GetCity
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-123.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4d5823cae31104e8110e7f664af2694847c54cb0d1b1cbe4b146dbb58a0a62d2

Request headers

Referer
https://onboarding.nuvamawealth.com/
api-key
c41121ed-b6fb-c9a6-bc9b-574c82929e7e
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 22:19:40 GMT
content-encoding
br
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA50-C1
age
16447
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
nYmQBtwDrs2FOYSMu9UlCx54JHx0Z6nHZn6NGGYkBM8WfKJIhuIAPw==
Errormessages
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/Errormessages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-123.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
POST
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
api-key,content-type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
date
Fri, 24 Feb 2023 02:53:46 GMT
server
Microsoft-IIS/8.5
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-id
e_ZyZ3U1bObArnMmxcduwAvuYCtl-goLjPDNrj_dLPfvqXDTtIfD3g==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
Errormessages
capsapi.nuvamawealth.com/DIYAPI/api/MastersData/ 		7 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://capsapi.nuvamawealth.com/DIYAPI/api/MastersData/Errormessages
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-123.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b98d29c330f8b31fa996a11e2d08eb9717dccd66a9eb52dbf6a54278d40f8431

Request headers

Referer
https://onboarding.nuvamawealth.com/
api-key
c41121ed-b6fb-c9a6-bc9b-574c82929e7e
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
content-encoding
br
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
1Eqd9k8k9A_xRgk0522clk11WuPhRpS_PLCvG8G1DQf9RNK4b-4UGw==
clevertap.js
onboarding.nuvamawealth.com/lib/ 		42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/lib/clevertap.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.f5939583.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-54.fra56.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
9cc4ec8ad664968577c80aa7105c2d2e849906fa95b8b8c92004c80f18f2692f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Dec 2021 09:58:11 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-P3
etag
"6e6be9449af1d71:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
43433
x-amz-cf-id
AluTtAfkJRM79BgT7yKvl7NrZKI_uw4XxCY6uKs66eFghlhzZPOKMg==
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=516773232307253&ev=Microdata&dl=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&rl=&if=false&ts=1677207226569&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nuvama%22%2C%22meta%3Adescription%22%3A%22Nuvama%20Account%20Opening%20Application%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677207225015.293193637&it=1677207224923&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Feb 2023 02:53:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5550104&Ver=2&mid=45a9ca46-5007-489e-99f5-2d5cd270c777&sid=750e1a70b3ee11edb6902d92f1680944&vid=750e5f90b3ee11ed81520de4f7ad99a8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Nuvama&p=https%3A%2F%2Fonboarding.nuvamawealth.com%2F&r=&lt=2547&evt=pageLoad&sv=1&rn=266993
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Feb 2023 02:53:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 36164E98456A40D6A71BA8CE05974E91 Ref B: FRA31EDGE0708 Ref C: 2023-02-24T02:53:46Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
ekr.zdassets.com/compose/zopim_chat/ 		193 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb0e234d1e9f5a9cdf9d4a2deff29d9bbd1729826ac477f418a8055736c0c26e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
79e00605e8413642-FRA, 79e00605e8413642-FRA
x-runtime
0.002381
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"bb0e234d1e9f5a9cdf9d4a2deff29d9b"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjyD60WMZn7WTijvsdJOsgRCgHYKu4IVBToe6gga4WNSud0nTY32r5NUTyBk%2FB88TsPH7LlAydd21FhHhljs4DAG0VScFeRLFmPsfDh8DqHxwJO2T3XbEJU1bY2jvxxnTj8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
79e4e9aeabbd367b-FRA
widget_v2.334.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/w?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
  • https://v2.zopim.com/bin/v/widget_v2.334.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.334.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Server
104.16.107.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa5d7a0efd9855a9a16af74de30a4cafd2d58d687033e6c042499498195987d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Jul 2022 03:35:19 GMT
server
cloudflare
age
1298366
etag
W/"62e0b277-10301f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
79e4e9affd603643-FRA
expires
Mon, 21 Feb 2033 02:53:46 GMT

Redirect headers

date
Fri, 24 Feb 2023 02:53:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"62e9bace-0"
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.334.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
79e4e9afdd4d3643-FRA
content-length
0
expires
Fri, 24 Feb 2023 06:53:46 GMT
avatar_simple_visitor.png
v2.zopim.com/widget/images/ Frame 680C 		638 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.107.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 02:53:47 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 02 Mar 2017 11:22:19 GMT
server
cloudflare
age
88739
cf-polished
origSize=1922
etag
"58b8006b-782"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
79e4e9b22f093643-FRA
content-length
638
expires
Fri, 03 Mar 2023 02:53:47 GMT
truncated
/ Frame EF18 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Referer
Origin
https://onboarding.nuvamawealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff
a
in.wzrkt.com/ 		316 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.wzrkt.com/a?t=94&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIAGwBpAJwBaEQHUA7BNkAWAKwAtEASgBzBAEYuQAAA%3D&optOut=false&rn=1&i=1677207227&sn=0&r=1677207227572
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2400:16:152c:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0c42f7874320d5b8463c196fb7f8df8172ad7cc7f326343e297440c90b0f3047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 02:53:47 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
jWGhQFqqOI-dtwThm4FG4fY_8rprzJ5TYs_y13U6cS8BZGGuSym2Rg==
Expires
0
a
in.wzrkt.com/ 		268 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.wzrkt.com/a?t=94&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ci%2BMA7gPoCCAxvQPYCuG1A8rGgJZoDmAAgA%2BggDIxCAE2oAFQvxgjBAZTAwo1NYQBOmHCjAARQmEIJQAUVQYipBCAo0GzNmE7c%2BQ0ROlyFSqJqGlpmetggAKoAKgCyWhyRAEoAwpYOETHxsZZGAJKRsRk4WdQptLGytHkA4vjFICksOjroYPKKDgAWYGBQAM7wAPRDTGgARky6Ul4AdGgsyCSElJIANmBds8zEQxGya6YAZkw6xA4A6jDj%2FTzq1EYw%2FQDWYExQIAC%2BODxSDgBsAGkAJwAWkBFwA7KDIQAWACsAC0IlB%2BAgAIw4C6IpKAsoVWQWECUYgfeAABhwYDW9AQAG0ALqfT5AAA%3D%3D&rn=2&i=1677207227&sn=0&gc=813741414fee4ff5982fac2d21e7a33b&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHUBGbAYwHMB7ACQCEkBNdLAEwgBcBnOABlYAteWAG5wiWSN3jAABAF9MOFvgBsAaQCcAWjUEA7Fr0AWAKwJFAUw5S%2BIAE7WxKvXoBMPN671ygA%3D&r=1677207227776
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2400:16:152c:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f65589a8773c67e6abfca12ec62612451ac774af0543268bbb29ccf4853c4d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 02:53:47 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
hFAa4C_Yt2xWX9ExFy4hQCqOKPEsLmggpXbSWQdEmnOKWXkQ-5CaSw==
Expires
0
a
in.wzrkt.com/ 		303 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.wzrkt.com/a?t=94&type=page&d=N4IglgJiBcIGwGkCcBaBB1A7CzAWArAFogA0IADgOYwCMZAxlTCABYAub5AztAPS8B7AHYAjAQEMAThDBDKAOiEBXAG7iAtuIDuAU3EAbNi3n0B63qRDpCAJQQB9AMIBBALIAFGKC3ryMAAxkbPr0MADaALoAvlFAAA%3D&rn=3&i=1677207227&sn=1&gc=813741414fee4ff5982fac2d21e7a33b&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHUBGbAYwHMB7ACQCEkBNdLAEwgBcBnOABlYAteWAG5wiWSN3jAABAF9MOFvgBsAaQCcAWjUEA7Fr0AWAKwJFAUw5S%2BIAE7WxKvXoBMPN671ygA%3D&r=1677207227777
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2400:16:152c:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5caac503483ca4eb240a01025d7694835cb3b482f1b00350eb72d8c23e248d55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 02:53:47 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
dyI-kaZSSKoxHd6h2ZfnHbXxEsLKQCu5W0TWZbpwxu6U7MzQyT_59g==
Expires
0
wzrk_dialog.min.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/wzrk_dialog.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/lib/clevertap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5a31e088ca5323f5198d7a8642d71c8f98f28fe4c3602dd6dec3d6050cddba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 02:49:25 GMT
Content-Encoding
gzip
Via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P4
Age
275
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 02 Feb 2023 10:21:09 GMT
Server
AmazonS3
ETag
W/"d88c7f215ede5f1df721205a700d563e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800, private
X-Amz-Cf-Id
0W-uRcLoJH6jHxdvKl4tzJNZfBzBYkDxlLBHd_6MqM9X2_ai6gVbEw==
PB_CT_new.png
d2r1yp2w7bby2u.cloudfront.net/js/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/PB_CT_new.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5815f8715aa038803c4aa101915b811fdc1e935fe4617a0da7a4f6586775071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 02:52:17 GMT
Via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P4
Age
93
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8497
Last-Modified
Thu, 02 Feb 2023 10:21:13 GMT
Server
AmazonS3
ETag
"178040ad9cf7040646d09a3a33c5ac4a"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=1800, private
Accept-Ranges
bytes
X-Amz-Cf-Id
nmjoWRf8xTMVL6p0bobUnuDKXpFW1AY88OYZeO4xyJUDs3cD3QjbLA==

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery object| dataLayer object| clevertap boolean| refreshKeyPressed boolean| modifierPressed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| createCookie function| readCookie function| eraseCookie object| dotq object| uetq function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| gtag function| UET function| UET_init function| UET_push object| ueto_07d449c79f object| YAHOO object| webpackJsonpao_ecosystem object| regeneratorRuntime function| $zopim function| getCookie function| getCookie1 boolean| trafficsrc string| URL1 string| ref function| getQueryVariable string| src1 string| med1 string| cam1 boolean| uat_present undefined| ref1 undefined| search_engine function| onYouTubeIframeAPIReady object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded object| wizrocket object| $WZRK_WR object| $CLTP_WR object| wzrkPermissionPopup

19 Cookies

Domain/Path Name / Value
.nuvamawealth.com/ Name: _gcl_au
Value: 1.1.506151258.1677207225
.nuvamawealth.com/ Name: _ga
Value: GA1.2.1614936933.1677207225
.nuvamawealth.com/ Name: _gid
Value: GA1.2.707621295.1677207225
.nuvamawealth.com/ Name: _fbp
Value: fb.1.1677207225015.293193637
.doubleclick.net/ Name: IDE
Value: AHWqTUmv01k9DhdmMKKcrGVjKruMi2W4MG-c5gA5UXQMwoGl4Q-taSQatRMPGjkKaXo
.yahoo.com/ Name: A3
Value: d=AQABBLkm-GMCEK32fEHb5JVf8vB2jBCccQsFEgEBAQF4-WMCZAAAAAAA_eMAAA&S=AQAAAqunOrAqWJ6A-JkO7n0uKzk
onboarding.nuvamawealth.com/ Name: LP
Value: https://onboarding.nuvamawealth.com/
onboarding.nuvamawealth.com/ Name: trafficsource
Value: Direct|Not set|
onboarding.nuvamawealth.com/ Name: source
Value: Direct
onboarding.nuvamawealth.com/ Name: medium
Value: Not set
onboarding.nuvamawealth.com/ Name: campaign
Value:
onboarding.nuvamawealth.com/ Name: platform
Value: undefined
.nuvamawealth.com/ Name: _uetsid
Value: 750e1a70b3ee11edb6902d92f1680944
.nuvamawealth.com/ Name: _uetvid
Value: 750e5f90b3ee11ed81520de4f7ad99a8
.bing.com/ Name: MUID
Value: 25182BD54BDF6DD4129D39174A736C32
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: PQLmPQG7nZj4jHk1FzhW7GCuNQWWBLEza/OpRyks3IxeqPfyYjQuJQjPwsLc1SGmzcjC6QZ6rujhL75Ftam0kzGwie/iA6MeBjFTCRs/bMj6fVeRWqZxEW8fH8wM
.nuvamawealth.com/ Name: __zlcmid
Value: 1Ealcog03SUrwMp
.nuvamawealth.com/ Name: WZRK_G
Value: 813741414fee4ff5982fac2d21e7a33b
.nuvamawealth.com/ Name: WZRK_S_6K9-KW7-745Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1677207227%2C%22t%22%3A1677207227%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8696767.fls.doubleclick.net
adservice.google.com
bat.bing.com
capsapi.nuvamawealth.com
code.jquery.com
connect.facebook.net
d2r1yp2w7bby2u.cloudfront.net
ekr.zdassets.com
googleads.g.doubleclick.net
in.wzrkt.com
onboarding.nuvamawealth.com
s.yimg.com
sp.analytics.yahoo.com
static.zdassets.com
trans.edelweiss.co.in
v2.zopim.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.107.139
104.18.70.113
142.250.185.230
143.204.89.123
172.217.18.2
2001:4de0:ac18::1:a:3a
212.82.100.181
2600:9000:2250:2400:16:152c:ba40:93a1
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:809::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2004
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.117.197.73
52.222.214.54
52.222.236.55
0c42f7874320d5b8463c196fb7f8df8172ad7cc7f326343e297440c90b0f3047
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1d495b44495409a61717a45e86717e1b860bec17610f726adcff7a500e6b7364
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
334792603e185228465fe1600d535be07b105133ea2b84c3df86f4d120dd1b07
3943ced17e3e77e5606dd8c3aa73c7405cb17b71c4ebaddb306d6b181f8ca994
42f6d50e37d9f753f598b66b1bd285d568bf831fed110a625615ccf48956c156
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b769774ce2aefaef75b0f125cc78c8fe7e4675557d358a3d499f8da08ada571
4d5823cae31104e8110e7f664af2694847c54cb0d1b1cbe4b146dbb58a0a62d2
589f71b2c407a5284ac96c6af6e4ae64074b24ed060e0d7d818c6089cae4f430
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c
5caac503483ca4eb240a01025d7694835cb3b482f1b00350eb72d8c23e248d55
5f4bffb30dae62c3c4a5d9c0138e73279a787cfa1661f7b3829e43ba700d4635
8fa5d7a0efd9855a9a16af74de30a4cafd2d58d687033e6c042499498195987d
9bf8557b926def5cd339ce7609924c262b3d9fc6bfd01758d7c973e5339859d6
9cc4ec8ad664968577c80aa7105c2d2e849906fa95b8b8c92004c80f18f2692f
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
ab60df6b60e2d9c6eb41d43c3c97b97419384c2fde934bf655e73e59ca237b41
b5a31e088ca5323f5198d7a8642d71c8f98f28fe4c3602dd6dec3d6050cddba2
b98d29c330f8b31fa996a11e2d08eb9717dccd66a9eb52dbf6a54278d40f8431
bb0e234d1e9f5a9cdf9d4a2deff29d9bbd1729826ac477f418a8055736c0c26e
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cca3d75672ed655b4231f517610d6f5cd68ed2f53cec89e625a6b35dd0c09461
d5815f8715aa038803c4aa101915b811fdc1e935fe4617a0da7a4f6586775071
dfe8941b9a1edcc657f42f47fd803a2440c4ea0566979488ab2cc61380e0f995
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5eec662b27f7c117c1536a39f5b625803802584062245468a9558fea0aa336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cc24a09986d6073472255b691b5557171b0dcac2ee4d6502c1e3e86216cc93
f65589a8773c67e6abfca12ec62612451ac774af0543268bbb29ccf4853c4d56
f881fd7a9ee8be6acdd9cfc7f8a9a6f981198be3daf2b50b1025f31f95f30f22