urlscan.io logo urlscan.io
SecurityTrails logo

analyze.nw-click.com Open in urlscan Pro
2600:9000:206f:6e00:c:d509:13c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQesDELFqVu1Ql6nzIesBls8AA2p29q0y3FKvT-Dyn01AAppQDDluG3HFqlR_a2AwIIQQA7yDBEuI...
Effective URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditio...
Submission: On October 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 22 domains to perform 82 HTTP transactions. The main IP is 2600:9000:206f:6e00:c:d509:13c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is analyze.nw-click.com. The Cisco Umbrella rank of the primary domain is 675380.
TLS certificate: Issued by Amazon on August 25th 2022. Valid for: a year.
This is the only time analyze.nw-click.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.127.83.42 396982 (GOOGLE-CL...)
1 1 18.214.171.162 14618 (AMAZON-AES)
1 1 34.200.117.186 14618 (AMAZON-AES)
1 1 18.210.69.85 14618 (AMAZON-AES)
1 1 52.210.123.14 16509 (AMAZON-02)
21 2600:9000:206... 16509 (AMAZON-02)
9 104.18.42.63 13335 (CLOUDFLAR...)
9 52.21.227.162 14618 (AMAZON-AES)
1 6 54.167.80.156 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.206.45 16509 (AMAZON-02)
1 54.166.70.103 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2600:1f18:24e... 14618 (AMAZON-AES)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.97.37 16509 (AMAZON-02)
3 184.86.103.17 20940 (AKAMAI-ASN1)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 108.157.4.45 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 18.66.147.116 16509 (AMAZON-02)
1 18.66.112.15 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 44.240.88.7 16509 (AMAZON-02)
82 22
1    34.127.83.42 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.83.127.34.bc.googleusercontent.com
email.devotionaloftheday.com
1    18.214.171.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-171-162.compute-1.amazonaws.com
track.insight.devotionalcheckin.com
1    34.200.117.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-117-186.compute-1.amazonaws.com
wkwkero.com
1    18.210.69.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-69-85.compute-1.amazonaws.com
speedtrkzone.com
1    52.210.123.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-123-14.eu-west-1.compute.amazonaws.com
tracking.plpro.co
21    2600:9000:206f:6e00:c:d509:13c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
analyze.nw-click.com
9    104.18.42.63 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
www.nerdwallet.com
9    52.21.227.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-227-162.compute-1.amazonaws.com
leadid.onthebarrelhead.com
6    54.167.80.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-80-156.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:6c00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
4    2606:4700:20::681a:21 (United States)

ASN13335 (CLOUDFLARENET, US)
api.onthebarrelhead.com
1    52.222.206.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-45.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    54.166.70.103 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-70-103.compute-1.amazonaws.com
deviceid.trueleadid.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
4    2600:1f18:24e6:b901:82bf:7748:2922:b37f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
static.hotjar.com
3    184.86.103.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-17.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net
script.hotjar.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net
vars.hotjar.com
1    18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net
vc.hotjar.io
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    44.240.88.7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-88-7.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
21 nw-click.com
analyze.nw-click.com — Cisco Umbrella Rank: 675380
1 MB
13 onthebarrelhead.com
leadid.onthebarrelhead.com — Cisco Umbrella Rank: 529254
api.onthebarrelhead.com — Cisco Umbrella Rank: 589263
11 KB
9 nerdwallet.com
www.nerdwallet.com — Cisco Umbrella Rank: 36960
58 KB
8 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25908
cdn.trustedform.com — Cisco Umbrella Rank: 29116
42 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 379
12 KB
4 browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2895
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362
184 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
132 KB
3 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 872
97 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 789
vars.hotjar.com — Cisco Umbrella Rank: 916
69 KB
2 amplitude.com
api2.amplitude.com — Cisco Umbrella Rank: 1497
287 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
222 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
135 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2195
259 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668
342 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 15510
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 plpro.co
tracking.plpro.co — Cisco Umbrella Rank: 772108
2 KB
1 speedtrkzone.com
speedtrkzone.com — Cisco Umbrella Rank: 766674
872 B
1 wkwkero.com
wkwkero.com
308 B
1 devotionalcheckin.com
track.insight.devotionalcheckin.com — Cisco Umbrella Rank: 701658
467 B
1 devotionaloftheday.com
email.devotionaloftheday.com
721 B
82 22
Domain Requested by
21 analyze.nw-click.com analyze.nw-click.com
cdn.trustedform.com
9 leadid.onthebarrelhead.com analyze.nw-click.com
deviceid.trueleadid.com
9 www.nerdwallet.com analyze.nw-click.com
cdn.trustedform.com
6 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
analyze.nw-click.com
4 rum.browser-intake-datadoghq.com analyze.nw-click.com
4 maps.googleapis.com analyze.nw-click.com
maps.googleapis.com
4 api.onthebarrelhead.com analyze.nw-click.com
3 connect.facebook.net analyze.nw-click.com
connect.facebook.net
3 analytics.tiktok.com analyze.nw-click.com
analytics.tiktok.com
2 api2.amplitude.com analyze.nw-click.com
2 www.facebook.com analyze.nw-click.com
2 www.googletagmanager.com analyze.nw-click.com
www.googletagmanager.com
2 cdn.trustedform.com analyze.nw-click.com
api.trustedform.com
1 vc.hotjar.io analyze.nw-click.com
1 vars.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net analyze.nw-click.com
1 tracking.plpro.co 1 redirects
1 speedtrkzone.com 1 redirects
1 wkwkero.com 1 redirects
1 track.insight.devotionalcheckin.com 1 redirects
1 email.devotionaloftheday.com 1 redirects
82 26
Subject Issuer Validity Valid
*.analyze.nw-click.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-07		 a year crt.sh
leadid.onthebarrelhead.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
onthebarrelhead.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.hotjar.io
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 6 frames:

Primary Page: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Frame ID: 85576BDFDDD5182051B7C062D1DF1E65
Requests: 70 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 7FD0DF896A429A1ADCEFB279391D8C3B
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Frame ID: 8580C900BBC3D1FAB3146F1B8BB881F7
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: DA26797C7AD6DA84351512C149B790CD
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: BE51BF74DCF59AFF33488AB6147BE803
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/snapshot
Frame ID: 529FF529104F7B269B62510F2840F890
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NerdWallet: Make all the right money movesNerdWalletNerdWallet

Page URL History Show full URLs

  1. http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQesDELFqVu1Ql6nzIesBls8AA2p29q0y3FKvT-Dyn01AAppQDDluG3HF... HTTP 302
    http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao27xwfag6isse57jvzzs0eb054x6ydc9llx1vzxhl... HTTP 302
    http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-... HTTP 302
    https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-... HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939476... HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=Ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

82
Requests

98 %
HTTPS

38 %
IPv6

22
Domains

26
Subdomains

22
IPs

4
Countries

1853 kB
Transfer

6607 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQesDELFqVu1Ql6nzIesBls8AA2p29q0y3FKvT-Dyn01AAppQDDluG3HFqlR_a2AwIIQQA7yDBEuIEaS9pBwDtJEWT9qwVSnT5Z7_jqdTJK8toIv73NQBHnmEgpmMSCU6kgxC2RgLRaISzEex1MSvsLf73Q9zMpcLE01kU7mdT8rxVGicW6n9YfEH-XtL7w71PXvWibHAZzcOL0o7odcfu9jHLiHnXl0nyiNkZFuvm87wjU-BwvtErRr2uB513MetkD5pG4zeYkfcvMxuYjuHS0KJx3Gn3OWk7TGIFAKGwLL96gaaeov8aRVb7NjDlfOZ6B6I9MI68s2FZs7XjWe6GjUibbSkC69lvzHqlQO7lAsh5YAkTAbnRP8l2dNqlDXYRhXhQqJoZW6KDPfUf35c4YzBZEnyMBCnciXnCiRpPWbLyGgLm78XXrC3OY7h3Vi3m19jv3_ZZldhPRL0SVNc_jsJoj0ZCKWvc9t6VDk-45W1Ni6cIGbbPujoeWPPGo0kd4qZ4Y-vrz69l6UT46O_GxoccblwrAUow9Tvgw_xRC7zBc3EnenCpI-2jihYlOhcaH6Z2G0oT5VB406Jx1A5qjjNCTxqQ-pa3pGM1LQxQa-WPcvPwFK1PjrA HTTP 302
    http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao27xwfag6isse57jvzzs0eb054x6ydc9llx1vzxhlwiq1ub5nmiutdo48hm8jqrntq42rvztbouufdggbs0c22rmkaxoh2gp629wbb8yamj88noya3j0c9qu6say8ri4cm4bvyzk6beehuiy50twpzfa92ery7dk15lq3d0250phf95uzynfht727s1rjke2xhsr4cfrfvpp2zwnvsrhmrc9us50e37csw1g6hf54hmayrr3anz3wzfw3a1tzp2yw8oel9pao9mudung5f&eih=3ejs5f16cyyppu4x72gf9a8ltt8tw3h2mjf7q&dataset_code=2ATC&ocx_func_ir93made01xxhiqv1=1666031482 HTTP 302
    http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722 HTTP 302
    https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722&ckmguid=f8c15f67-85c0-4d40-86c3-9e0506bf9bb7 HTTP 302
    http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939476&aff_sub4=1666031482-101722&aff_sub5= HTTP 302
    https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request personal-loan
analyze.nw-click.com/
Redirect Chain
  • http://email.devotionaloftheday.com/c/eJxFkkmOpDAQRU-TuUQesDELFqVu1Ql6nzIesBls8AA2p29q0y3FKvT-Dyn01AAppQDDluG3HFqlR_a2AwIIQQA7yDBEuIEaS9pBwDtJEWT9qwVSnT5Z7_jqdTJK8toIv73NQBHnmEgpmMSCU6kgxC2RgLRaISz...
  • http://track.insight.devotionalcheckin.com/?xtl=vfypxfitn30jrncvobezn5npzkbdgao27xwfag6isse57jvzzs0eb054x6ydc9llx1vzxhlwiq1ub5nmiutdo48hm8jqrntq42rvztbouufdggbs0c22rmkaxoh2gp629wbb8yamj88noya3j0c9q...
  • http://wkwkero.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722
  • https://speedtrkzone.com/?E=QSBALucJonI1vncQhFBWi8Ce%2bTPVyvQIDbfaF54T%2fx8%3d&s1=2ATC&s2=1666031482-101722&ckmguid=f8c15f67-85c0-4d40-86c3-9e0506bf9bb7
  • http://tracking.plpro.co/aff_c?offer_id=99&aff_id=1006&aff_sub=42575&aff_sub2=2ATC&aff_sub3=383939476&aff_sub4=1666031482-101722&aff_sub5=
  • https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId...
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38a90e4f4ecd3208b29b98998e078ab123edd00110f374519fcaac46e912ef77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 17 Oct 2022 19:55:14 GMT
etag
W/"1f90c52f97fe3d7ac015d760ff2f25c5"
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-id
PLkWLWLJxUpmWa_XlsKoZQhSTQkqhOcPs7Tpve3aFWtLBUQNUOb52w==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
588
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 17 Oct 2022 19:55:12 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102d90eee936ffbe3b339dbab7a0ea
X-Request-Id
79885a7d6b25bf7410b8552ad11045d6
X-Robots-Tag
noindex, nofollow
Gotham-Medium--critical.ee5c613487.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Medium--critical.ee5c613487.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
WGxNQy8mBtoftWr2HdFv7vIcvFCp7NaI
cf-cache-status
HIT
x-amz-request-id
AQ77KH1FY8N311SR
age
3749377
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9436
x-amz-id-2
r884Kwl/DkGDZS69Cf2QTOCBD/9EUNXy6MV/ojlhy48/ssdbRhrwrzARRdX7FQaWNl55mmEAQOs=
last-modified
Mon, 22 Mar 2021 20:57:27 GMT
server
cloudflare
etag
"ee5c6134876f0895658e48bb0bda8971"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972ffe0bbbcb-FRA
x-nerd
Edge
Gotham-Book--critical.fdbad282be.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Book--critical.fdbad282be.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
YqixNq.3i6.6M4vrHwt_2_NRU9maJc4k
cf-cache-status
HIT
x-amz-request-id
H0EG4TG0YT58AQB7
age
2499085
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9492
x-amz-id-2
YP59zSDFOJJ/oN30BzvVs8/SutyBaYhnx9X5rWz/RaD4VXpqcS7xUJVLfgosWbB+y+DbNp+40uo=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"fdbad282bee3da1c38146487b9c2f412"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972ffe0ebbcb-FRA
x-nerd
Edge
Gotham-Bold--critical.dcf83fb890.woff2
www.nerdwallet.com/cdn/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/Gotham-Bold--critical.dcf83fb890.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
csXDMdMerAERSVKnyZV8Lz_tNycn6X8X
cf-cache-status
HIT
x-amz-request-id
EZKDZYZKZQQ5QCQV
age
5996273
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FxmSJ.JBTEE9mKKCmrm0cpVzcT.ZW60l9NXXZth5YuI-1666036513-0-AZNzwZ1j1FiZvIsovHNO0qhExp13Zm-SE0N2TaP5-svOyHtAjPI8uFSp_b2MeMo5P-M3NNiLeRGxyQVVxVY07R9MyiNTUxkcN9EGJ-MMCEQu; report-to cf-csp-endpoint
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9112
x-amz-id-2
cCOT8OQL+6eQKpsecEIfbWDDmv4KfABHu7L3j1MKAG4NV4u1T1RJDKy3pZ6qvUAU4hMoN5WsfLQ=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"dcf83fb8902adcc5fd75fdf6da548573"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=FxmSJ.JBTEE9mKKCmrm0cpVzcT.ZW60l9NXXZth5YuI-1666036513-0-AZNzwZ1j1FiZvIsovHNO0qhExp13Zm-SE0N2TaP5-svOyHtAjPI8uFSp_b2MeMo5P-M3NNiLeRGxyQVVxVY07R9MyiNTUxkcN9EGJ-MMCEQu"}],"group":"cf-csp-endpoint","max_age":86400}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972ffe10bbcb-FRA
x-nerd
Edge
ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
www.nerdwallet.com/cdn/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Semibold--critical.2c31edcaf3.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
hxLS9BBjDUYsoPEtm4oIowkdM_ODkcgf
cf-cache-status
HIT
x-amz-request-id
CAXDEAN7QJEC7YW7
age
2028275
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11012
x-amz-id-2
ntcq8BP8zbtzO5K5ZMSxfLnXBKbXnVv7Xf2MwbyBx7y6Gd+NeCXWWuXvQ6LQe67pL5q9Bc8Uzms=
last-modified
Mon, 22 Mar 2021 20:57:29 GMT
server
cloudflare
etag
"2c31edcaf37bc7ca0ca1103d29b5f5f1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972ffe12bbcb-FRA
x-nerd
Edge
ChronicleDisplay-Roman--critical.835fdb1566.woff2
www.nerdwallet.com/cdn/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/cdn/fonts/ChronicleDisplay-Roman--critical.835fdb1566.woff2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a

Request headers

Referer
https://analyze.nw-click.com/
Origin
https://analyze.nw-click.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
x-amz-version-id
TByrbO0kqrqPKmq32uLn3LcxEk8692TL
cf-cache-status
HIT
x-amz-request-id
CAX5R41YN93AXAH6
age
2028275
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10240
x-amz-id-2
KeZBZeGRqqJc83jsqHRGDF2BOJB/VjgU+lCZiUbh5hBGBqEfQMBVxwVDlrRG1bsVaq/LDu+MaC0=
last-modified
Mon, 22 Mar 2021 20:57:28 GMT
server
cloudflare
etag
"835fdb1566f032e3c41742af1a1ebc3c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75bb972ffe13bbcb-FRA
x-nerd
Edge
nerdwallet.fddd0e9f.css
analyze.nw-click.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.fddd0e9f.css
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5421dc0e3f4bff0e2f63bd5b0ef1de5eeefbca93253cebacca55a7847f95823f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1
x-amz-server-side-encryption
AES256
etag
W/"d698d768548a88516a778635bae28b7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
2qDuntQb_mDq-bp8iLz6lIVSfliQ3aZp46tfNnc769EzdBUiB6N4xw==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Mon, 10 Oct 2022 14:42:35 GMT
server
cloudflare
etag
"63442f5b-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bb97300fb9920e-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
nerdwallet.b70d6938.js
analyze.nw-click.com/ 		4 MB
965 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analyze.nw-click.com/nerdwallet.b70d6938.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b5c1ca37e9516661f3389aa8e7a0605d17c9102482a75398864017093ccf107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1
x-amz-server-side-encryption
AES256
etag
W/"d30970fb844b55ae95cf3bae9ea5081b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
kWdqfQQNyurE1k5H3MeSt9ybym0KpQPg1kTgWEC__9uDj1vVLBOSPQ==
GenerateToken
leadid.onthebarrelhead.com/2.11.9/ 		36 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/GenerateToken?msn=1&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&_=339861140
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
c791750daaad26bd6bf7e095b882e28a7d9a13e7ffabfe23ff3f2fec49b9f62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
54
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Server
2600:9000:223d:6c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
x-amz-version-id
to7EtxbNw4wTQ51GTUC55F9UIeZCxiGL
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"ba4b583161aee0d60d41a21495f9f7f2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
gxCKg882yoe-7UrWbGAJ6cuKlfgLwBEIOGE4IxbHNuO0uneIRD2RyQ==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false
date
Mon, 17 Oct 2022 19:55:13 GMT
server
awselb/2.0
content-length
134
content-type
text/html
session
api.onthebarrelhead.com/api/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74062f99543afef3e2f4b6424232d80c104a07853e914403687d5b077f06e0bb

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cf%2B%2BATf5jjbfyKwgj2dxzweWp%2Fs7684J12pcedG0UU%2FJd8zXd8sDm%2BawY1vkXOIArrfobl2UsU2vrmbyVuD9VPU6ydNhhwAjlrZtP4RkVkA%2FWOGb9Px81cxvDEiMbkOTNcNZaHFzWRlViRizf33fJszqWbRi"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
75bb973668a268e9-FRA
session
api.onthebarrelhead.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75bb97348ced68e9-FRA
date
Mon, 17 Oct 2022 19:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAvlBbJ4sYHMuMuJ98%2B6ckxggRJ0qHYJQS%2BVXRDf1vWf5vhJlIWbD7%2F1pjlF%2FR%2BWQ0ZqM792KSmA%2BGhcsezChLo09DcxqqN8ng4R6mt1XT302Mxt62%2FqsvSk0r26VRUBbRgpuQjV1Pb4v916QJX8YmBdnXnx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
95e16d67-4900-4878-bbd7-d37de39b0a6e
https://analyze.nw-click.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://analyze.nw-click.com/95e16d67-4900-4878-bbd7-d37de39b0a6e
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
25754
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 7FD0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-45.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
62051
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 17 Oct 2022 02:41:03 GMT
ETag
W/"63472048-dbb"
Last-Modified
Wed, 12 Oct 2022 20:15:04 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
nS4XSSmz9A2RyUbdCdKclLSM-Sy6fJqlye2I4k1YZW5tu2oMvItJPw==
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Hit from cloudfront
SaveDom
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDom?msn=2&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861141
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 8580 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.70.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-70-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Mon, 17 Oct 2022 19:55:14 GMT
etag
W/"632c7ff9-1049"
expires
Tue, 18 Oct 2022 19:55:14 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=3&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861142
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=4&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861143
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
5
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc388194bf123ec4bfc0ed8e8098023bc1cd8453d94729986d711a6f522040ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69279
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 19:55:14 GMT
js
maps.googleapis.com/maps/api/ 		169 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
deaf4755d9da347b937b7b0ca90f0c5b811f380f4f9386b3ba081f73e5dec1e5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=26
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56573
x-xss-protection
0
expires
Mon, 17 Oct 2022 20:25:14 GMT
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
EnJmJpbfRJ_fJT3BHVnfrBv4MfAZcXNlpLJnj8UFdwk7UunQZT0_ig==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
G-PqVTjpXyvJBRXTAZJvdIPxQY7C_h1liQz75eHwl508xU0UwV4sWQ==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
jJRwVOvi-as3ImkoXQMCqa6vmRLxs9x2nAAYEWhG36FZVXdrUpQfwQ==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
q1DC4wpIa1J9P5mAfBenv2YigTY831-8JdrFd4VMQ0bMq-s3zwZ5qA==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
5paudxCxlEyXZWoCWaNJPuWnCc1ek694PAbqSzs_0kEzUsNZvBtOSQ==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
tmjrC0Bk0My73YG1GUN-r1flnE6g8LhmP_6ty97EgLLHnmZLF6hFew==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
rVG5WEQuCpXh2m8Jilapb-RknMrXBu16vPPh5Lhn6S_Ijo928ER36w==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
1s_qwfYUjFI415SYHF7vR4ofEfuM-JPfDo_Q3DDdQECfd5UJ2cGdjQ==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
Mn8YkdWapzZotL5IRIAkic7zRB_yF9QtxvUHRErbAiLXDOe1wxFfbw==
events
api.onthebarrelhead.com/api/v1/session/ 		150 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70588ac082957dde0611e68e883ca8be737c93b8451b4b88a63f8280dee71af3

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
Authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI4MjM4YTMxYTNiMTU0MGUwYTdhYmRmOWM3ZjUwMTU5NSIsImlhdCI6MTY2NjAzNjUxNCwiZXhwIjoxNjY2MTIyOTE0LCJ2IjoiMiIsInN1YiI6Njg5MTkzMjl9.MtPe82798nZVyYd-3VFlcYSEfmFK5vODj7giXvIVQl8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCncEHESmj07Diq2yE8jR0HjN2Xu6hDwJWLbjLMvJhwO2cbzwD3I3ffqC8lKOtRdlfCQfjsAt8A6A0Nj3K9HmkmrEOsakYgRqLhT9uNrIkyTxFxfviMskhqGNp0bjnLg87AaaWSBg1ve0iDd%2BU65OGTf8iHb"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
cf-ray
75bb9739ae8868e9-FRA
content-length
150
query0
www.nerdwallet.com/api/ 		51 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/query0
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb9e9fef68b5e9d72ae30f7a82d7d8aba8034672cd49059ffd4d9ed64dcc24ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
X-Caller-Client-ID
analyze
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Client-Platform
web
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
server
cloudflare
etag
W/"33-s5cngptRtWdwa40P6GTKLptVFug"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
75bb973a59c2bbb9-FRA
x-nerd
Edge
events
api.onthebarrelhead.com/api/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.onthebarrelhead.com/api/v1/session/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods
POST
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75bb9738acdd68e9-FRA
date
Mon, 17 Oct 2022 19:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d2JbYt%2Bmf%2Fh4Hl90kIoyEdGTQeOtJqr2jDX0OmP9bsBVMzYeDJ2Kte5jc2nQRRjyn8q1Sm2UfWoVKK8sP15EoAJpEx%2FkZo7zA5YJG7Iyal1zmtzIFMe2Vyx1qI25ZWeoGDBivyTA0Cw8HhXo86vVcxozr0A"}],"group":"cf-nel","max_age":604800}
server
cloudflare
query0
www.nerdwallet.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.nerdwallet.com/api/query0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-caller-client-id,x-client-platform
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-caller-client-id,x-client-platform
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75bb9738aa40bbcb-FRA
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=qtCHwNOcJA.LxSkivMSsMjS6GIyznvreveOzPYjLC8E-1666036514-0-AVYEqO1q-0URpU_4J_VBzluo74alM1EqxP2ZQm_Q6qJwt9Y6lTr8eLQDjQAsvdAXoOE0Mvy5QAU6qhEfZDSAuP8MQJJ3pugBb4KrXB6NBtCi; report-to cf-csp-endpoint
date
Mon, 17 Oct 2022 19:55:14 GMT
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=qtCHwNOcJA.LxSkivMSsMjS6GIyznvreveOzPYjLC8E-1666036514-0-AVYEqO1q-0URpU_4J_VBzluo74alM1EqxP2ZQm_Q6qJwt9Y6lTr8eLQDjQAsvdAXoOE0Mvy5QAU6qhEfZDSAuP8MQJJ3pugBb4KrXB6NBtCi"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers, Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nerd
Edge
x-xss-protection
1; mode=block;
SaveDeviceId.js
leadid.onthebarrelhead.com/2.11.9/ Frame 8580 		0
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/SaveDeviceId.js?lac=22813350-8774-3000-19AC-FC31C47988BB&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&methods=48&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&uuid=f83959a6fc914fb595a519283ce100dc
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&apiurl=https%3A%2F%2Fleadid.onthebarrelhead.com%2F2.11.9&lck=6A646C57-A079-2DAF-11AA-FA12E35CE4D2&lac=22813350-8774-3000-19AC-FC31C47988BB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 19:55:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
10
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=3089d3cb-1d91-4935-aa2e-e7f00c5c36a2&batch_time=1666036514670
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 17 Oct 2022 19:55:14 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 794723A5DA6347599219C0C497AACC09 Ref B: FRA31EDGE0207 Ref C: 2022-10-17T19:55:14Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
hotjar-542041.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-542041.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
7e6c865ab64d2cd8c6bc7faf32005647387728a6510bd27d097131aa3beae88a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/528a80df8aad59bf3701a7574102ead2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
9OIGifhag_L7UBmu6tzjxWafx4c8ixagigHqcRNWXbUFXt2v6vcMFw==
events.js
analytics.tiktok.com/i18n/pixel/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ce6bc560b05dfbd3518479bfe62f74f38a38939bc9bac10033160a3b589a86ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
4f0f01a0
date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=96
content-length
990
pragma
no-cache
server
nginx
x-tt-logid
2022101719551593B4873BC40F446B717C
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
96,184.86.102.17
x-tt-trace-host
01e10739828fc0dcde6074192940a8d74e56dc9fcef58a663cbc1a42ed62e63201c1d5232f929b20212a53ca1ff7797edaa8c106a8b8b90bfc6594c5d2bf847a636c41cd6f347e00e717c7542aad96606d
expires
Mon, 17 Oct 2022 19:55:15 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTN8H2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6c34d0f59a8618fc0508f93c6eb3118bb71c9cd9b7aa60680454cea18820b2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67947
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 19:55:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+uilPwaHmXALpDp+hu5Z6tjIyXKOzACTWYqnm9PytBcMP2ZCUNTXZY9AbKbRVfQk4yaGAyin+1usSN9Cd8WUkg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://analyze.nw-click.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
modules.db0fd5db80f832174879.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.db0fd5db80f832174879.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-45.dus51.r.cloudfront.net
Software
/
Resource Hash
10e59eebc56bdd8afae70a6ed3187b25317a7a8993374b539fa45b8277443274
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
40389
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66081
last-modified
Mon, 17 Oct 2022 08:41:52 GMT
etag
"5278d8852118d6fae8702063aa272573"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
yCGqNn-tFj9hNZYMi7GyU3KrQlTnTUhPisbjOYmV9fMbdcKYpPC9Sg==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
mBj3cEY/agF6FkGAwa8xcIuFvrjst3QwLGd0wX1XKucWp2YGf0xe560W/1SyAu65MZDQw6Z92jxqqPiUM6dCoA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
145605262667436
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/145605262667436?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f2918a3837e166689fe62eae82565780f8e4e447790a9cf643e36f3817cf3d1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Qutny+Q5PTUmbTD9ir+GizXoiICzwyIhZWgF5QAkCLVcOqYNCSlJ3k9gpdWmc8OiXGOJ/SFelTIHbFng5ULNVA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5715165.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5715165.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 17 Oct 2022 19:55:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 288F12E5D46D499B8CA458D4324F2655 Ref B: FRA31EDGE0207 Ref C: 2022-10-17T19:55:14Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=66d1f1af-8d8f-464a-82ca-a369d230c0ee&sid=9e13a1e04e5511eda85a1b178ccda071&vid=9e13c2f04e5511ed87342d005e952028&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939476%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102d90eee936ffbe3b339dbab7a0ea%26hoOfferId%3D99&r=&lt=3180&evt=pageLoad&sv=1&rn=204350
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 19:55:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9BC484A0A99249FE9E65437FD0FF37A5 Ref B: FRA31EDGE0207 Ref C: 2022-10-17T19:55:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=d0dc2128-6f56-4cef-a101-1083b7d9ed11&batch_time=1666036514975
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
collect
region1.google-analytics.com/g/ 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X4363VV9ZN&gtm=2oeaa0&_p=1097514643&cid=915833780.1666036515&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666036514&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939476%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102d90eee936ffbe3b339dbab7a0ea%26hoOfferId%3D99&dt=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4363VV9ZN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 19:55:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyze.nw-click.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame DA26 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-542041.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://analyze.nw-click.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1160827
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-cf-id
uuRqYEY-FDudYbHP0oOZCmRKoJHDaWAd09skzig-NuwcjCZZs6fzDg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
542041
vc.hotjar.io/sessions/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/542041?s=0.25&r=0.00646259443725139
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-15.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
UtElZ_M_Prhj5b-OgCwknb6TTRISjCtCKHb6VWGRCNQO4cHOndaruA==
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=PageView&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939476%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102d90eee936ffbe3b339dbab7a0ea%26hoOfferId%3D99&rl=&if=false&ts=1666036515206&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666036515205.377311243&it=1666036514956&coo=false&rqm=GET
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 19:55:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
main.Mi4wLjAuNTZfMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		336 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9682D3C77U9N0P9530G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
4f0f044a
date
Mon, 17 Oct 2022 19:55:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202210111320017856E2A8DA4E6B2158AF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01c92c41b98df5c6d4b2df48227384b0ce747217b81816add7bebee464d71630c6ffbf8d7a694154114a7f6e7961b0e26a864e4f440f3bd01105d5524e80e3a9effa9511dc3fa3707e8b4493bf637a4f6b
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
96859
pixel
analytics.tiktok.com/api/v2/ 		0
546 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-17.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 19:55:15 GMT
x-akamai-request-id
4f0f07a5
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022101719551559F82B56B2756C4010E4
x-cache
TCP_MISS from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
112,184.86.102.17
x-tt-trace-host
01e10739828fc0dcde6074192940a8d74e56dc9fcef58a663cbc1a42ed62e63201e354896c1b7321567068407df3180e70dfd026ce202d1df135a80bdfd04e7e09f3d88b9cf6a1a46a6cb570ca029cd250
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=16, origin; dur=112
content-length
0
expires
Mon, 17 Oct 2022 19:55:15 GMT
certs
api.trustedform.com/ Frame BE51 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3a3c6188ca3ed6430b756cd083c9044c849e11f77095a67c725a8fcd4abd71e4

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 19:55:15 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=5&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861144
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=6d3b47b9-0755-4f73-9caa-0334912993d3&batch_time=1666036515577
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
httpapi
api2.amplitude.com/2/ 		94 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.88.7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-88-7.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
99aa1e9b4d8c564e1082aeeb7104e50483fada954c481c29035bd95735e19af2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-634db324-15d1576d18bde12855343f46
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.88.7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-88-7.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://analyze.nw-click.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Mon, 17 Oct 2022 19:55:16 GMT
strict-transport-security
max-age=15768000
trustedform-1.8.29.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.29.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16660365134640.29363098178177327&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:6c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
oPelQ0fGWdbo7iDIXPghW4XZAnyuy5Ov
content-encoding
gzip
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 19:55:15 GMT
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
25
etag
W/"05c5bc479b5cc70fc03787ab4e8d8dec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
wszej6TkP357gXstp8Tugkh_cRyDksmGlTWlHYbpvnQr2OvzXrFL9Q==
snapshot
api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/ Frame 529F 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
upgrade.28544a93.png
analyze.nw-click.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/upgrade.28544a93.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b422751a04be77117bf763c033cc4353"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
2903
x-amz-cf-id
X0pGu4EqVPsrxL30hbw64QJqod8KcWSmJs5a8M_wCn-0tGlnTrMEOA==
sofi.1a9e3ad8.png
analyze.nw-click.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/sofi.1a9e3ad8.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"c4ce1ffe77ee99b77622a8ce267fd01e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1598
x-amz-cf-id
7aRu8JSP2JqAU0rIuDF44a2KY8HDaKIvtmMdLpMoGYzLEUIVqvoYwg==
lendingclub.9d282818.png
analyze.nw-click.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/lendingclub.9d282818.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"bbfb5d51d9a49005840cfba234bf3724"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
5732
x-amz-cf-id
e6NQf245vl_H7jZMFtdQzTfcfIDtTMqUcUJGuSa9xD1yTZRVleLADw==
bestegg.48958c73.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/bestegg.48958c73.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"cabb4579944c8b296d788a5ed918857f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
3870
x-amz-cf-id
RlsYI_eRVYm22Fa0V1uyX5tqr1tcWApK4A3s2VyrBpIr_9CR0lgxiQ==
prosper.b70e666b.png
analyze.nw-click.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/prosper.b70e666b.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"d732796ac77a22219c2f0e4c9c661590"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
4042
x-amz-cf-id
0sdmif05nT4CeXnU5eF__6PzaZR2lQEZbAuUvs72AwsRC_VeFyLNrw==
graphic.5182f59d.svg
analyze.nw-click.com/ 		56 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/graphic.5182f59d.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"ac26fc1d0e12f359d738a22e75ea1be3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
VNBrQqzsfhcK0Ehf_XdnnK0B4KBL1uDCqOh4gO-tyQFtfwpxRWW6Vw==
step1.4798433f.svg
analyze.nw-click.com/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step1.4798433f.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b1ff304176046161d4322acb12f5a3ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
QfnRffFQabzGru-UobV-6bCt9R8BQdE_2dDD_omgMyFrANcJIpcNDw==
step2.951bb7f4.svg
analyze.nw-click.com/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step2.951bb7f4.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b0de2862c933fecd011c45411876b971"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
1ytOPKbw4Ma8dOcWc2tWq2WnQGk0ZkFxppUiXu8chGNnswhoVDAQOQ==
step3.837fc13e.svg
analyze.nw-click.com/ 		40 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyze.nw-click.com/step3.837fc13e.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:c:d509:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/personal-loan?utm_source=DA&utm_medium=affiliate&utm_campaign=42575&offer=NerdWallet+PL+Conditional+Form+Submission&affiliateId=1006&affiliateName=DA&subId1=42575&subId2=2ATC&subId3=383939476&subId4=1666031482-101722&subId5=&subId6=NerdWallet+PL+Conditional+Form+Submission&hoTid=102d90eee936ffbe3b339dbab7a0ea&hoOfferId=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:17 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 21:05:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"a798479fcc047df801b207b7f84457a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
Z7FE2ZnGDT1A5dl2j99sSatO4nGVuQ_yGyJJOuQnwCoycAlBp_aY_w==
nw-pixel-v1.gif
www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nerdwallet.com/blog/wp-content/themes/nerdwallet/assets/tracking/nw-pixel-v1.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.42.63 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:55:16 GMT
content-security-policy
frame-ancestors 'self' *.app.clicktale.com app.optimizely.com analytics.google.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block;
last-modified
Mon, 10 Oct 2022 14:42:35 GMT
server
cloudflare
etag
"63442f5b-2a"
x-frame-options
SAMEORIGIN
vary
Origin, Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bb9740fa029076-FRA
x-nerd
Edge
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprints
api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/ Frame 529F 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715165&tm=gtm002&Ver=2&mid=66d1f1af-8d8f-464a-82ca-a369d230c0ee&sid=9e13a1e04e5511eda85a1b178ccda071&vid=9e13c2f04e5511ed87342d005e952028&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NerdWallet%3A%20Make%20all%20the%20right%20money%20moves&p=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939476%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102d90eee936ffbe3b339dbab7a0ea%26hoOfferId%3D99&r=&lt=3180&evt=pageLoad&sv=1&rn=204350
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 19:55:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 581C0B9E83D84D7DBDE3C9E6054F5CE2 Ref B: FRA31EDGE0207 Ref C: 2022-10-17T19:55:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
text/javascript
InitFormData
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/InitFormData?msn=6&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861145
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:16 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
6
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.1%2Cservice%3Aanalyze-front-end&dd-api-key=puba17748089e0d77f22b4c6dfedca76a53&dd-evp-origin-version=4.17.1&dd-evp-origin=browser&dd-request-id=a3866ec2-b67e-4ce3-8310-3333cf4b2ee2&batch_time=1666036516498
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:82bf:7748:2922:b37f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
events
api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/ Frame 529F 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=145605262667436&ev=Microdata&dl=https%3A%2F%2Fanalyze.nw-click.com%2Fpersonal-loan%3Futm_source%3DDA%26utm_medium%3Daffiliate%26utm_campaign%3D42575%26offer%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26affiliateId%3D1006%26affiliateName%3DDA%26subId1%3D42575%26subId2%3D2ATC%26subId3%3D383939476%26subId4%3D1666031482-101722%26subId5%3D%26subId6%3DNerdWallet%2BPL%2BConditional%2BForm%2BSubmission%26hoTid%3D102d90eee936ffbe3b339dbab7a0ea%26hoOfferId%3D99&rl=&if=false&ts=1666036516718&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NerdWallet%3A%20Make%20all%20the%20right%20money%20moves%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666036515205.377311243&it=1666036514956&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 19:55:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=7&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861146
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
7
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
leadid.onthebarrelhead.com/2.11.9/ 		0
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadid.onthebarrelhead.com/2.11.9/Snap?msn=8&pid=a7b2f977-5781-4f8c-9358-74f1f6151686&token=F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5&_=339861147
Requested by
Host: analyze.nw-click.com
URL: https://analyze.nw-click.com/nerdwallet.b70d6938.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://analyze.nw-click.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 17 Oct 2022 19:55:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Via
1.1 vegur
Server
envoy
Access-Control-Max-Age
1728000
Transfer-Encoding
chunked
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
X-Envoy-Upstream-Service-Time
10
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/ Frame 529F 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/a87a4b49e1f6a6b08c8cd3491fef02ccd9e13630/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.80.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-80-156.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 19:55:17 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
common.js
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69614
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:37 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDS-PiX0T0HhN3K_69LEvUOYySpGxNAaGk&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyze.nw-click.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61951
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:37 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime object| LeadiDconfig object| LeadiD object| DD_RUM function| parcelRequire object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| analyticsConnectorInstances object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| ueto_f8e7eccc32 object| uetq object| gaGlobal object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| label string| id boolean| sensitiveData

26 Cookies

Domain/Path Name / Value
.speedtrkzone.com/ Name: sl
Value: bGnjmtLqfmFvWs6/mmTdJBoWnya5eWLf411LSyAZ+MxjvECpKaovMQ==
.speedtrkzone.com/ Name: ti
Value: kR2gFptLk/7SFKe9G4J4WhoWnya5eWLf411LSyAZ+MxjvECpKaovMQ==
.speedtrkzone.com/ Name: c31497
Value: bGnjmtLqfmEtbon8WzqJMyOOuNYFsQqyw6bdXzvo1l4TH8HpcHUPmQ==
.www.nerdwallet.com/ Name: __cf_bm
Value: dPgpxf4BBYXPycq5W9_BWDTJGlIcxuQ_LiWCzTZhTbU-1666036513-0-AQcenLBf6hgBDc1d+tXfVKIjKgrv89LujDq3zja59KRa2LhYCXBr8YKAP1MiyjUSB/siHLtF9g0a1pbM3c3e4J0WpEwblggYFd9JQy6jTskh
.www.nerdwallet.com/ Name: __cfruid
Value: 8fc5fd3cc28c74350308266b78db0450b89b8ee6-1666036513
analyze.nw-click.com/ Name: leadid_token-22813350-8774-3000-19AC-FC31C47988BB-6A646C57-A079-2DAF-11AA-FA12E35CE4D2
Value: F496C4F2-3E3F-FD11-7BA8-4165FB00D6C5
.nw-click.com/ Name: AMP_38544bdf07
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjA0YTViZjJhLTQzYTQtNDM0OC1iOWNjLTllMDEyYjc5NjdlMSUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjY2MDM2NTE0NjUyJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY2NjAzNjUxNDU1OSUyQyUyMnVzZXJJZCUyMiUzQSUyMjhhNTNkYjY5NTBlMTRiZGY5NTM2ZDM3ODRkNGMwY2Y1JTIyJTdE
.deviceid.trueleadid.com/ Name: uuid
Value: f83959a6fc914fb595a519283ce100dc
.nw-click.com/ Name: _gcl_au
Value: 1.1.879542126.1666036515
.bing.com/ Name: MUID
Value: 3D97BC641F5C61BC2061AE241ED760C2
.nw-click.com/ Name: _uetsid
Value: 9e13a1e04e5511eda85a1b178ccda071
.nw-click.com/ Name: _uetvid
Value: 9e13c2f04e5511ed87342d005e952028
.nw-click.com/ Name: _ga_X4363VV9ZN
Value: GS1.1.1666036514.1.0.1666036514.0.0.0
.nw-click.com/ Name: _ga
Value: GA1.1.915833780.1666036515
.nw-click.com/ Name: _hjSessionUser_542041
Value: eyJpZCI6ImQwNDM1YmJiLTNjODctNTdhOS1iMGE4LTY5ZTJlNzEwN2M0NiIsImNyZWF0ZWQiOjE2NjYwMzY1MTUxNzQsImV4aXN0aW5nIjpmYWxzZX0=
.nw-click.com/ Name: _hjFirstSeen
Value: 1
analyze.nw-click.com/ Name: _hjIncludedInSessionSample
Value: 0
.nw-click.com/ Name: _hjSession_542041
Value: eyJpZCI6IjE0Y2FlZjM2LTI5NTAtNGUzYS1hZjIwLTEyNGU5MDUzNzBlMSIsImNyZWF0ZWQiOjE2NjYwMzY1MTUxOTUsImluU2FtcGxlIjpmYWxzZX0=
.nw-click.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.nw-click.com/ Name: _fbp
Value: fb.1.1666036515205.377311243
.nw-click.com/ Name: _tt_enable_cookie
Value: 1
.nw-click.com/ Name: _ttp
Value: d655a600-39da-406f-b89e-6bbe2548654a
www.nerdwallet.com/ Name: AWSALBTGCORS
Value: 9Jo7me3kpcdS0g/sMpnFC7DJ2Cj4Bka5IAgpyGfG4XkGeRRBERtki0GVoIiGZYIGgLmWI/DXC0TabJtML+1P4YVhKv7PKNjp12tRR+DY7a9fi+j6rZCRegr/ebNDHIhMUPEpjkHubZ7mOTgSGzl7K8Yir3ezToOyGWYqJLBh0u6E
www.nerdwallet.com/ Name: AWSALBCORS
Value: Ak8R9n1V/zznmsOdbBTOwb/R2ruJnguTvRUoxXVsM8jeuEW8Ig2NrjFUylr1PXDR51yUulIVUKZWlm1DpdKkW8AzEb6s9FdhcPCkzS6rJ8IZiqmNRNxEX5gv3RnC
.nw-click.com/ Name: AMP_MKTG_38544bdf07
Value: JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMkRBJTIyJTJDJTIydXRtX21lZGl1bSUyMiUzQSUyMmFmZmlsaWF0ZSUyMiUyQyUyMnV0bV9jYW1wYWlnbiUyMiUzQSUyMjQyNTc1JTIyJTdE
analyze.nw-click.com/ Name: _dd_s
Value: rum=1&id=673169f7-e67b-4e14-9f6d-f812bd80c1ab&created=1666036513725&expire=1666037413725

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analyze.nw-click.com
api.onthebarrelhead.com
api.trustedform.com
api2.amplitude.com
bat.bing.com
cdn.trustedform.com
connect.facebook.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
email.devotionaloftheday.com
leadid.onthebarrelhead.com
maps.googleapis.com
region1.google-analytics.com
rum.browser-intake-datadoghq.com
script.hotjar.com
speedtrkzone.com
static.hotjar.com
track.insight.devotionalcheckin.com
tracking.plpro.co
vars.hotjar.com
vc.hotjar.io
wkwkero.com
www.facebook.com
www.googletagmanager.com
www.nerdwallet.com
104.18.42.63
108.157.4.45
18.210.69.85
18.214.171.162
18.66.112.15
18.66.147.116
18.66.97.37
184.86.103.17
2001:4860:4802:32::36
2600:1f18:24e6:b901:82bf:7748:2922:b37f
2600:9000:206f:6e00:c:d509:13c0:93a1
2600:9000:223d:6c00:1c:7f1a:6680:93a1
2606:4700:20::681a:21
2620:1ec:c11::200
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.127.83.42
34.200.117.186
44.240.88.7
52.21.227.162
52.210.123.14
52.222.206.45
54.166.70.103
54.167.80.156
10e59eebc56bdd8afae70a6ed3187b25317a7a8993374b539fa45b8277443274
159c6b1e9f2d3b4d2fc9530c5da40152f37a34551bd0a7fb528f7ff6e3d9d83a
18157870a65e487555dce9077bd3351b73a34fbdb844c4619b6fb5c530d58273
1d37da68533f0bec1e870616609117f51870aa044e96f81c85bfb24a32e3253e
209bbba6f7163b259848583858ea8e1cb5761089ad194de95a97e9601f9d7ccc
2984c3ba392dc9504b5ffb2c6626852dea7a71c5e1196bcbec4127ca1978d7e5
2d793e9fc718ea6e7c8e81ddf7cdef6cc4bf5817c4869171b56fddbdee811269
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
37473b44ff83bdebfe4656b14121fcf6213f1ab9c96be74e0b060f3cd9c11c11
38a90e4f4ecd3208b29b98998e078ab123edd00110f374519fcaac46e912ef77
3a3c6188ca3ed6430b756cd083c9044c849e11f77095a67c725a8fcd4abd71e4
48da1f3149b6e00e95d8ef4a57e773ab558a864b77c96f6019e4cfebe19106a6
4ae4bbc3bbd5733dcaf9302940b4115e5871733f71ab3f3e7250e693b4d05f6d
4c53686b7318dc68f809d337ab0a9ec82db4d9d77e4f8c2d882151aef6cca082
5421dc0e3f4bff0e2f63bd5b0ef1de5eeefbca93253cebacca55a7847f95823f
5f2918a3837e166689fe62eae82565780f8e4e447790a9cf643e36f3817cf3d1
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
70588ac082957dde0611e68e883ca8be737c93b8451b4b88a63f8280dee71af3
74062f99543afef3e2f4b6424232d80c104a07853e914403687d5b077f06e0bb
7e6c865ab64d2cd8c6bc7faf32005647387728a6510bd27d097131aa3beae88a
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
99aa1e9b4d8c564e1082aeeb7104e50483fada954c481c29035bd95735e19af2
9b5c1ca37e9516661f3389aa8e7a0605d17c9102482a75398864017093ccf107
a6c34d0f59a8618fc0508f93c6eb3118bb71c9cd9b7aa60680454cea18820b2e
ae68e771989d53e83a9887becea1cf92f05bb050409188d4476e8fe12834eaa4
b02e2d78209325f7d74120d554a8c9e8350e508d99f5053e85daccd792f28acd
b71779fb6bf169b8f365ad4ed7bb2559e122941f613cc69e6cd2004635f92fc0
ba8be65746ca30fadff7deb639117ec587a44e0428f89218d70bc5e4888ac308
c45992da4f0169a7651346ef0a4cb27efe93b28a3b80d230a6f428a0e242db65
c791750daaad26bd6bf7e095b882e28a7d9a13e7ffabfe23ff3f2fec49b9f62f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9e9fef68b5e9d72ae30f7a82d7d8aba8034672cd49059ffd4d9ed64dcc24ae
cc388194bf123ec4bfc0ed8e8098023bc1cd8453d94729986d711a6f522040ea
ce6bc560b05dfbd3518479bfe62f74f38a38939bc9bac10033160a3b589a86ce
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e
d925fff8efab019e1af1ff0f17536c75c75a98d4a3a4e2a0da301bb7e43488fc
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c
deaf4755d9da347b937b7b0ca90f0c5b811f380f4f9386b3ba081f73e5dec1e5
df7d904b769cd337e322637742dc8a004200cc4142d7b4fb40f1b3c222191774
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629