nordvpn.com Open in urlscan Pro
104.19.159.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.swagtrk.com/C5PWF1/71KJTLJT/
Effective URL:
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_camp...
Submission Tags: @ecarlesi possiblethreat phishing nordvpn Search All
Submission: On September 28 via api (September 28th 2024, 3:24:19 am UTC) from IT — Scanned from IT

Summary HTTP 60 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 6 domains to perform 60 HTTP transactions. The main IP is 104.19.159.190, located in and belongs to CLOUDFLARENET, US. The main domain is nordvpn.com. The Cisco Umbrella rank of the primary domain is 14233.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 18th 2023. Valid for: a year.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.241.26.240 35.241.26.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.210.134.198 52.210.134.198	16509 (AMAZON-02) (AMAZON-02)
2 36	104.19.159.190 104.19.159.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:9b6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6810:9c6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	104.16.208.203 104.16.208.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:264... 2600:9000:2644:9200:6:e337:e340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
60	10

1 35.241.26.240 (Mountain View, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.26.241.35.bc.googleusercontent.com

www.swagtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.134.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-134-198.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 104.19.159.190 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9b6f (United States)

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:9c6f (United States)

ASN13335 (CLOUDFLARENET, US)

ic.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.208.203 (None, )

ASN13335 (CLOUDFLARENET, US)

d.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:9200:6:e337:e340:93a1 (United States)

ASN16509 (AMAZON-02, US)

sb.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	nordvpn.com 2 redirects visit.nordvpn.com — Cisco Umbrella Rank: 591873 nordvpn.com — Cisco Umbrella Rank: 14233 d.nordvpn.com — Cisco Umbrella Rank: 270841 cm.nordvpn.com — Cisco Umbrella Rank: 307642	98 KB
17	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 158134 ic.nordcdn.com — Cisco Umbrella Rank: 378018 sb.nordcdn.com — Cisco Umbrella Rank: 211009	371 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	465 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 ade.googlesyndication.com — Cisco Umbrella Rank: 335	955 B
1	nordvpn.net 1 redirects go.nordvpn.net — Cisco Umbrella Rank: 343454	2 KB
1	swagtrk.com 1 redirects www.swagtrk.com	685 B
60	6

	Domain	Requested by
25	nordvpn.com	1 redirects nordvpn.com
10	ic.nordcdn.com	nordvpn.com
7	d.nordvpn.com	s1.nordcdn.com
6	s1.nordcdn.com	nordvpn.com
5	www.googletagmanager.com	nordvpn.com www.googletagmanager.com
4	cm.nordvpn.com	www.googletagmanager.com nordvpn.com
2	ade.googlesyndication.com	1 redirects
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	sb.nordcdn.com	nordvpn.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
1	www.swagtrk.com	1 redirects
60	12

This site contains links to these domains. Also see Links.

Domain
www.av-test.org
twitter.com
www.youtube.com
www.forbes.com
www.independent.co.uk
support.nordvpn.com
my.nordaccount.com

Subject Issuer	Validity	Valid
*.nordvpn.com AlphaSSL CA - SHA256 - G4	`2023-09-18` - `2024-10-19`	a year	crt.sh
*.nordcdn.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-03-13` - `2025-04-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
nordsecurity.bynder.com Amazon RSA 2048 M02	`2024-02-06` - `2025-03-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203
Frame ID: 1DF1EB923E7E7BABB13FBEDE42A3A377
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Risparmia e ricevi 3 mesi extra | NordVPN

Page URL History Show full URLs

https://www.swagtrk.com/C5PWF1/71KJTLJT/ HTTP 302
https://go.nordvpn.net/aff_c?offer_id=20&aff_id=69203&url_id=2494&aff_sub=42fd9646b40f46a294d3a061d... HTTP 302
https://visit.nordvpn.com/?offer_id=20&aff_id=69203&aff_transaction_id=10222a47ec517236c955b4fefbe60e&... HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061... HTTP 302
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

60
Requests

97 %
HTTPS

36 %
IPv6

6
Domains

12
Subdomains

10
IPs

4
Countries

1037 kB
Transfer

2368 kB
Size

23
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.av-test.org/fileadmin/pdf/reports/AV-TEST_NordVPN_Comparative_Test_Report_September_2020.pdf
Title: il rapporto completo

Search URL Search Domain Scan URL

URL: https://twitter.com/Alch3m1s7/status/1639579744550133760/?s=20
Title: A|ch3m1st @Alch3m1s7 @NordVPN the new meshnet is mind-blowingly amazing piece of tech 🚀 , with unlimited bottomless use cases. God bless ya all! 🙌 12:47 PM · Mar 25, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/MrNathanCorliss/status/1636840377494933504/
Title: Nathan Corliss @MrNathanCorliss This is completely unsolicited praise, @NordVPN, is very helpful as an advertiser testing search ads, and as a work-anywhere person who needs to ensure I have a safe internet connection. Great value. So easy to use, I actually use it. Keep up the good work. 11:22 PM · Mar 17, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/PedroTheKiwi/status/1633502224721793024/
Title: Pedro @PedroTheKiwi I’ve been using NordVPN and their other products for the last 4 years. Absolutely outstanding product and service 10:25 AM · Mar 8, 2023

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=e4MrEMYNgiw&t=283s
Title: Guarda su YouTube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=jl3O7KO8VB8&t=280s
Title: Guarda su YouTube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=Yl8aKmuF2k4&t=3s
Title: Guarda su YouTube

Search URL Search Domain Scan URL

URL: https://www.forbes.com/advisor/business/software/best-vpn/
Title: Forbes Advisor

Search URL Search Domain Scan URL

URL: https://www.independent.co.uk/advisor/vpn/nordvpn-review/
Title: Independent Advisor

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/hc/it
Title: Centro assistenza

Search URL Search Domain Scan URL

URL: https://my.nordaccount.com/legal/terms-of-service/
Title: Termini di servizio

Search URL Search Domain Scan URL

URL: https://my.nordaccount.com/legal/cookie-policy/
Title: Informativa sui cookie

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.swagtrk.com/C5PWF1/71KJTLJT/ HTTP 302
https://go.nordvpn.net/aff_c?offer_id=20&aff_id=69203&url_id=2494&aff_sub=42fd9646b40f46a294d3a061d140f47f&aff_sub2=224&aff_sub3= HTTP 302
https://visit.nordvpn.com/?offer_id=20&aff_id=69203&aff_transaction_id=10222a47ec517236c955b4fefbe60e&source=&params[ho_asub1]=42fd9646b40f46a294d3a061d140f47f&url_id=1503 HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203 HTTP 302
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49p0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203 HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CJr4p4zY5IgDFQ9hHgIdZmIXsw;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49p0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
nordvpn.com/it/special/
Redirect Chain

https://www.swagtrk.com/C5PWF1/71KJTLJT/
https://go.nordvpn.net/aff_c?offer_id=20&aff_id=69203&url_id=2494&aff_sub=42fd9646b40f46a294d3a061d140f47f&aff_sub2=224&aff_sub3=
https://visit.nordvpn.com/?offer_id=20&aff_id=69203&aff_transaction_id=10222a47ec517236c955b4fefbe60e&source=&params[ho_asub1]=42fd9646b40f46a294d3a061d140f47f&url_id=1503
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

156 KB
35 KB

131ms
131ms

Document
text/html

104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b950c1ac3b8708db9aab6a7f21039c6e5157a3b19fe644a0e8d795e25c793ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 1932
cf-cache-status: HIT
cf-ray: 8ca09e73c9be0d65-MXP
content-encoding: br
content-type: text/html
date: Sat, 28 Sep 2024 03:24:10 GMT
last-modified: Thu, 26 Sep 2024 08:59:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-ray: 8ca09e73698a0d65-MXP
content-length: 0
date: Sat, 28 Sep 2024 03:24:10 GMT
expires: 0
location: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 index.js Show response
s1.nordcdn.com/d/nordvpn/prod/ 16 KB
7 KB 128ms
39ms Script
application/javascript 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667202343cf34ff2c5f662962f4be5b7f10e97513f5aa6fbc803b4d640abefb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 155582
cf-ray: 8ca09e753d490e97-MXP
access-control-allow-origin: *
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Mon, 02 Sep 2024 14:26:02 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 init.js Show response
s1.nordcdn.com/d/consent/prod/ 4 KB
2 KB 128ms
40ms Script
application/javascript 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/init.js?isGdpr=true

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac3b60c321f2493e73a2573f9fd876b71a9ecc7569732086e55ab501771762c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 753450
cf-ray: 8ca09e753d480e97-MXP
access-control-allow-origin: *
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Tue, 03 Sep 2024 14:39:57 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 main.js Show response
s1.nordcdn.com/d/consent/prod/ 128 KB
32 KB 41ms
40ms Script
application/javascript 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/main.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

506afc2ef2b3fde67c6304a98f3b302f0ab531729b0b06804b62301736e066ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 753450
cf-ray: 8ca09e758d760e97-MXP
access-control-allow-origin: *
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Tue, 03 Sep 2024 14:39:57 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 main.css
s1.nordcdn.com/d/consent/prod/ 8 KB
2 KB 127ms
38ms Stylesheet
text/css 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/main.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12cfa0eadf781e50f24dab93efc97bdbbd11984500209850461e010e558478e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 917788
cf-ray: 8ca09e753d470e97-MXP
access-control-allow-origin: *
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: text/css
last-modified: Tue, 03 Sep 2024 14:39:57 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 200 _slug_.FucA7EZL.css
nordvpn.com/static/ 115 KB
20 KB 60ms
59ms Stylesheet
text/css 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/_slug_.FucA7EZL.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f822cc513de748077c29ce42d8a94e51c02134daf7dc5b9a69822936872aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-1ccdd"
age: 155072
cf-ray: 8ca09e74aa630d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: text/css
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 hoisted.BcRZYHo1.js Show response
nordvpn.com/static/ 23 KB
8 KB 60ms
59ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/hoisted.BcRZYHo1.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc6115497e84b72902eabd532a7c2cf82ce86aa4a9b8a42aaa3ecde526e7daf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-5b20"
age: 155063
cf-ray: 8ca09e74aa660d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sale-woman-bubble-phone-discount-xs.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/75e5073ba1b7131e/original/ 60 KB
61 KB 151ms
63ms Image
image/avif 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/75e5073ba1b7131e/original/sale-woman-bubble-phone-discount-xs.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=wHyCmiEnWrdhRPZwYdP%2B0GKBMomEQAjan%2FZ53UXEFYM%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

097d6e813efb2eb9fbde49ca6b42dd7857fba4868a4efc2dbcf6a9593d6e47ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cfApfdzWltaVhJqMytrvfXJ9rGCvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:70,h2pri
cf-resized: internal=ram/- q=0 n=0+0 c=0+0 v=2024.9.4 l=61542
x-content-type-options: nosniff
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/avif
last-modified: Fri, 27 Sep 2024 16:26:50 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 43f52b151d7f370fd29eece1c460d312.cloudfront.net (CloudFront)
cf-ray: 8ca09e7538180e1d-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61542
server: cloudflare

GET
H2 200 aranzulla-image.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/6491bed074eaf3f1/original/ 4 KB
5 KB 138ms
51ms Image
image/avif 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/6491bed074eaf3f1/original/aranzulla-image.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=097friF1pWYYXxY1FZ%2Bo51yL4jw%2FPPNGoG34w81t8sg%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9b84f3831b3fbe2dc492f557d514b1caed8d575f0b484d26ae0f9543b2578e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cfvxnwlLRkF2jQNu0r9kDj1nGtCvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:70,h2pri
cf-resized: internal=ok/h q=0 n=14+187 c=0+0 v=2024.9.4 l=3955 f=false
x-content-type-options: nosniff
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/avif
last-modified: Thu, 26 Sep 2024 15:53:35 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 f18ba74dbeda670076234c3588daf92a.cloudfront.net (CloudFront)
cf-ray: 8ca09e75381d0e1d-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3955
server: cloudflare

GET
H2 200 aranzulla-logo.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/24776e8496786a9b/original/ 3 KB
3 KB 143ms
56ms Image
image/avif 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/24776e8496786a9b/original/aranzulla-logo.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=W0gmXijyjm2qywfU2raSk9a3i%2FboexYyxcTAWRAg1R4%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be71fba16305ef09fef342c1a16ede4e03b2e18baae1ea7d7108809fe67dc2bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cf9bsM79_LGNYfVhhLlyCfBxSJCvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:70,h2pri
cf-resized: internal=ok/h q=0 n=29+51 c=0+51 v=2024.9.4 l=2865 f=false
x-content-type-options: nosniff
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/avif
last-modified: Thu, 26 Sep 2024 19:12:47 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 5c5f81392ed550ce51a08ea0f3bd8dec.cloudfront.net (CloudFront)
cf-ray: 8ca09e75381f0e1d-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2865
server: cloudflare

GET
H2 200 threat-protection-secure-access-bubble-female-md.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/d642e7338b6a459/original/ 14 KB
6 KB 118ms
54ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/d642e7338b6a459/original/threat-protection-secure-access-bubble-female-md.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133d9660262505884ba3e7beb7b22543fdb3887633f59225c15ecb262f665e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 44871
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 03:24:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: n_NmIsLXNQyqu1VhwoBzq9RM2Atiqbd_IdvbJvPQ79MLrCuLK6Sw8Q==
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 14:56:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: fc0caa9d-4d2e-fbe9-5bd2-fc94b6aa9a7f
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 92f3d3fb9fe3ca5166aa49ba6fcab7b6.cloudfront.net (CloudFront)
cf-ray: 8ca09e7538190e1d-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: MXP53-P4
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
102 KB 207ms
109ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46461084bbdbb34b6c223ca40c98a266d4016594a733ca68036a261cf4bb11fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 28 Sep 2024 03:24:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103774
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 Countdown.DV8NBFnC.js Show response
nordvpn.com/static/ 2 KB
1 KB 60ms
60ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Countdown.DV8NBFnC.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e051519cbdf661282307bdfcaffd95403333c7ffb478e5941f97580e738d40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-8de"
age: 155074
cf-ray: 8ca09e758b2f0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 client.82SX67Fm.js Show response
nordvpn.com/static/ 1 KB
946 B 65ms
64ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/client.82SX67Fm.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98f0e70e357a57fcd80d0bebb0a6397808962f9869f907c5870402b54a64a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-4c7"
age: 155074
cf-ray: 8ca09e758b300d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sale-woman-bubble-phone-2xl.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/7eb8622de45c45c2/original/ 125 KB
126 KB 47ms
46ms Image
image/webp 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/7eb8622de45c45c2/original/sale-woman-bubble-phone-2xl.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=LVhWA24W%2BTFOQV%2Bsfn7lea%2BuTPlbX2VwK5jTBHutV7w%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57593f257a8b72ac4e339ca80af43a86b969a49f553d65a3f14e2dc1364f746d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cfYpvE2CVYjY8yFiO483LvYsGwCvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:71,h2pri
cf-resized: internal=ok/h q=0 n=148+300 c=0+0 v=2024.9.4 l=128264 f=false
warning: cf-images 299 "image too large for AVIF"
x-content-type-options: nosniff
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/webp
last-modified: Thu, 26 Sep 2024 07:48:45 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 2fb3ffc33eb22f3ef34dcbe535744fea.cloudfront.net (CloudFront)
cf-ray: 8ca09e75a8620e1d-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128264
server: cloudflare

GET
H3 200 sendTracyEvent.BQpiQXIH.js Show response
nordvpn.com/static/ 2 KB
2 KB 70ms
68ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/sendTracyEvent.BQpiQXIH.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcff9741d420ec6a34f235561bf76b7fda7e1395388907c5dc4352ab94f9871e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-988"
age: 155074
cf-ray: 8ca09e75bb4a0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sendEvent.C-gzx-WA.js Show response
nordvpn.com/static/ 2 KB
1 KB 72ms
70ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/sendEvent.C-gzx-WA.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a08d9af388bdf4d74e9ad1be83b25e51205cf97273d0749b483bf0442ec1893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-774"
age: 155074
cf-ray: 8ca09e75bb4b0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 throttle.BHUakWLq.js Show response
nordvpn.com/static/ 523 B
570 B 81ms
79ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/throttle.BHUakWLq.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1e0dfff04d33b3fae75e7423191961913ccf793a81b45189387e1efb73b62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-20b"
age: 155074
cf-ray: 8ca09e75bb4d0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 _sentry-release-injection-file.CeQ6aOVi.js Show response
nordvpn.com/static/ 492 B
514 B 65ms
63ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/_sentry-release-injection-file.CeQ6aOVi.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c7c227659998898780ee840b83f921840a62f077f526d3ff3185cebd142343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-1ec"
age: 155074
cf-ray: 8ca09e75bb4e0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 getCookieValue.Dh0gWuIX.js Show response
nordvpn.com/static/ 751 B
719 B 64ms
62ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getCookieValue.Dh0gWuIX.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93fd8b5d0a4f650fa30295931975757a7be7b5e35015c0abdd5015e85a738e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-2ef"
age: 155074
cf-ray: 8ca09e75bb4f0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 getExperiments.DdPq_-XE.js Show response
nordvpn.com/static/ 559 B
589 B 71ms
69ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getExperiments.DdPq_-XE.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06eaf37ec5aa47ae5f5380de0cbd1df5ccc914c6e87b00a3ed6394f32b4c4138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-22f"
age: 155074
cf-ray: 8ca09e75bb500d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 constants.DjzmnRrj.js Show response
nordvpn.com/static/ 540 B
588 B 64ms
63ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/constants.DjzmnRrj.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b6dc1ddac2ba2eaf7939b011ac980ce50004c73b37e92d6493da6d8e4bbfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-21c"
age: 155074
cf-ray: 8ca09e75bb520d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 StatusBox.BDRe8qmi.js Show response
nordvpn.com/static/ 7 KB
3 KB 70ms
69ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/StatusBox.BDRe8qmi.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4df5ebd2d270dcd0b7faf487aed7a47db3696d053339fe0509cb1c8eba1e8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-1a6c"
age: 155062
cf-ray: 8ca09e75bb550d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TabsProvider.DvZZ_utm.js Show response
nordvpn.com/static/ 2 KB
1 KB 67ms
67ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/TabsProvider.DvZZ_utm.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0059f2b07375a2edbf501889313d6c4d29e0e91d214b15319ee156ed24ed8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-80e"
age: 155074
cf-ray: 8ca09e75bb560d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 nordvpn-default.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/1431cb1f1a5ca2c9/original/ 2 KB
1 KB 55ms
54ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/1431cb1f1a5ca2c9/original/nordvpn-default.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f28438681332b67561059131289f90d029016eec52cb8fc0f2a5b37ab7d08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 36771
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 03:24:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: SHzMqZwhYhAiM_2nIQcCvzqfr0tLV9gaRogoksvCIputpJtnYH4QhQ==
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 17:11:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: ecf196b2-653d-f704-64f0-74d38e76d1f6
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4438d80ecceaff2bd58c75a723959ddc.cloudfront.net (CloudFront)
cf-ray: 8ca09e75f8960e1d-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: MXP53-P4
server: cloudflare

GET
H2 200 table-expressvpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/6a6a63c28e036c45/original/ 5 KB
3 KB 50ms
49ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/6a6a63c28e036c45/original/table-expressvpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71867ba089cf906c39bb6a75c67ee28a3f833ec3d4bb70d8e7208a47269286e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 67239
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 03:24:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: vt4uLdR75YenDza8iDG46YHXRL0fTj7kh35fHnuuYCGxMXnwENG2Sg==
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 08:43:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: 94ac1e3b-ed01-3bbf-f486-45a0ff9d4b60
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 2d79ad1754df559bcdb8cc1ffa8e62f6.cloudfront.net (CloudFront)
cf-ray: 8ca09e75f89a0e1d-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: MXP53-P4
server: cloudflare

GET
H2 200 table-privatevpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/5581e5a9bfc2b47a/original/ 11 KB
8 KB 55ms
54ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/5581e5a9bfc2b47a/original/table-privatevpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d73d6b245a7f0b3f6c0c540b39d7cb75094e1b930984d23a1982709c5f5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 67021
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 03:24:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: SCDQwlu43-ANjZ3b4MsNMsUjtU7WQrWODq9uTvZLlJBGnzWNutwezA==
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 08:47:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: 11f97f5e-5b4b-5138-2b70-fce987d20af2
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 a366fd20fbfe4c17553696da0b2bf4ee.cloudfront.net (CloudFront)
cf-ray: 8ca09e75f89d0e1d-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: MXP53-P4
server: cloudflare

GET
H2 200 table-protonvpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/181e90885a5e30d7/original/ 6 KB
3 KB 55ms
55ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/181e90885a5e30d7/original/table-protonvpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d392f9691ae4316fa5b8f7fbe9fa46f46d5854472cfc87ec4c265d348f47b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 67022
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 03:24:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: aPbQ9xGMclYeIIXQfkxwSRel1x92HyfnHvGz_q0dkrZnpD7UEn_TYA==
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 08:47:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: 5dbf2aa8-e311-73db-b596-eaba4583ef4d
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 9886a995a4cb6582b02075d6a33ca978.cloudfront.net (CloudFront)
cf-ray: 8ca09e75f89f0e1d-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: MXP53-P4
server: cloudflare

GET
H2 200 table-purevpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/30228f737077932d/original/ 9 KB
4 KB 55ms
54ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/30228f737077932d/original/table-purevpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8e24310b0e306003276b69c77726f8c30d61ab75bc1cac841e36e999c43bb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 67022
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 03:24:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: uyO54Ly9_XMYNYj8KL27VE4dy2Y2eVQCpLAIgC2WZHyC3XaFv1ewYQ==
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Fri, 27 Sep 2024 08:47:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: 29f7ec84-0383-59a1-6a3a-b1bc93752cee
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6e27017724d8145835604ed9e5137574.cloudfront.net (CloudFront)
cf-ray: 8ca09e75f8a00e1d-MXP
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: MXP53-P4
server: cloudflare

GET
H3 200 web.D5Staf6r.js Show response
nordvpn.com/static/ 22 KB
9 KB 59ms
59ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/web.D5Staf6r.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81854351b4bcb1d3c443c5af497c86a3055b8cc2a6ee7afc33958d4ff8412465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/Countdown.DV8NBFnC.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-568f"
age: 155074
cf-ray: 8ca09e760b920d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 StatusBar.Bsaa9k2Y.js Show response
nordvpn.com/static/ 3 KB
2 KB 69ms
68ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/StatusBar.Bsaa9k2Y.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb0c184758be673b4b4ae8c4523a14a885300cf758a92c8be8a2939279c6717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-d78"
age: 155074
cf-ray: 8ca09e762ba30d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 constants.8WOGEVir.js Show response
nordvpn.com/static/ 824 B
647 B 171ms
170ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/constants.8WOGEVir.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95baa73896ad8205183cfb398b66b18b7a97b2e9f52595e197b254dc7ce91648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/TabsProvider.DvZZ_utm.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-338"
age: 155074
cf-ray: 8ca09e762ba40d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 BPP2V2OU.Cs1yf8i_.js Show response
nordvpn.com/static/ 7 KB
3 KB 140ms
139ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/BPP2V2OU.Cs1yf8i_.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52afbd9c16506239b4a25df5b17fad24bf65714c07310b57f96e6392259259ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBox.BDRe8qmi.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-1b4f"
age: 155062
cf-ray: 8ca09e762ba60d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H3 204 cc
d.nordvpn.com/1/ 0
0 208ms
146ms Preflight 104.16.208.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 8ca09e76bb220e6f-MXP
content-length: 0
date: Sat, 28 Sep 2024 03:24:10 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 en-woff2 Show response
sb.nordcdn.com/m/1f322001e9afbdc5/original/ 139 KB
106 KB 160ms
48ms XHR
text/css 2600:9000:2644:9200:6:e337:e340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sb.nordcdn.com/m/1f322001e9afbdc5/original/en-woff2

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/hoisted.BcRZYHo1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:9200:6:e337:e340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: gzip
age: 94229
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: kSHa23VDZh9_omQPuJWk_1WHfHpCo3jZp2fLC9G9oWmMr25qBARPBQ==
date: Fri, 27 Sep 2024 01:13:41 GMT
content-type: text/css
content-disposition: attachment;filename="en-woff2.css"
strict-transport-security: max-age=63072000; includeSubdomains
x-api-correlation-id: 3a45b34b-1c1b-e166-90c2-c9abe336d676
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: nginx

POST
H3 202 cc
d.nordvpn.com/1/ 0
319 B 247ms
247ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: ea2ddc8d3410ec18c4a489f4855aaa60
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8ca09e779ccc0d65-MXP
access-control-allow-origin: https://nordvpn.com
content-length: 0
date: Sat, 28 Sep 2024 03:24:11 GMT
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 Link.jUC04TwE.js Show response
nordvpn.com/static/ 3 KB
2 KB 62ms
61ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Link.jUC04TwE.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64041610c756b296ff9d7e794495c8d4288c1def40250cc1e3d3080b4d6ac611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.Bsaa9k2Y.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-cb8"
age: 155073
cf-ray: 8ca09e776ca90d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Text.crRaZlzV.js Show response
nordvpn.com/static/ 1 KB
871 B 64ms
63ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Text.crRaZlzV.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85beb082079eadd6791b428f7a1e9e3b904aef6d301493f4765a563946a6edf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.Bsaa9k2Y.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-5cd"
age: 155073
cf-ray: 8ca09e776caa0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Tooltip.BmBVmfXZ.js Show response
nordvpn.com/static/ 2 KB
1 KB 56ms
55ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Tooltip.BmBVmfXZ.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ceaa69b22bcab303949c1cd0897e34e5e78b49b0bf30a637ffb2c00f9283cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.Bsaa9k2Y.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-942"
age: 155073
cf-ray: 8ca09e776cab0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 buildGAExtraAttributes.DTXgp7xv.js Show response
nordvpn.com/static/ 1 KB
1 KB 58ms
57ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/buildGAExtraAttributes.DTXgp7xv.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9befa768cf4f2401a862b6e88164783ebd32be093d45ebbe5514fcb5c8dc36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.Bsaa9k2Y.js

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
content-encoding: br
cf-cache-status: HIT
etag: W/"66f51714-5da"
age: 155073
cf-ray: 8ca09e776cac0d65-MXP
expires: Wed, 02 Apr 2025 03:24:10 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 08:11:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 292 B
540 B 156ms
155ms Fetch
application/json 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/StatusBox.BDRe8qmi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1a64fc0b432b690930ed6d77ffd5e3e305173489eda4ba3301670dbe16ec89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-generator: front-eu-web-5
expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ca09e777cb20d65-MXP
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
114 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

120c509eb4a1abf59cbc4f0c10eba77d0e45097fb244550a731b781a8301f0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 28 Sep 2024 03:24:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 03:24:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 116412
x-xss-protection: 0
server: Google Tag Manager

POST
H3 202 cc
d.nordvpn.com/1/ 0
319 B 179ms
178ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 79f7262aa33a3ed2cabb4c70ad55e397
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8ca09e77acda0d65-MXP
access-control-allow-origin: https://nordvpn.com
content-length: 0
date: Sat, 28 Sep 2024 03:24:10 GMT
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 202 cc
d.nordvpn.com/1/ 0
319 B 171ms
170ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 8dd6461716669f6c85ae02a9aae0d09c
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8ca09e77bce60d65-MXP
access-control-allow-origin: https://nordvpn.com
content-length: 0
date: Sat, 28 Sep 2024 03:24:10 GMT
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 202 cc
d.nordvpn.com/1/ 0
319 B 168ms
167ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: d4d957ea1b62e7a7df48f274dfb237cb
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8ca09e77bce90d65-MXP
access-control-allow-origin: https://nordvpn.com
content-length: 0
date: Sat, 28 Sep 2024 03:24:10 GMT
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 213ms
202ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je49p0v874252800za200&_p=1727493850796&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101671035~101747727&cid=1230531430.1727493851&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1727493850&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&en=scroll&_fv=1&_nsi=1&_ss=2&_ee=1&ep.consent_ver=v2gdpr&ep.cf_country=IT&ep.product=nordvpn&ep.version=nordvpn-main%400.142.7&ep.page_lang=IT&ep.section_id=00&ep.section_name=Header&tfd=1430

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 8ca09e781d240d65-MXP
content-length: 0
cf-cache-status: DYNAMIC
date: Sat, 28 Sep 2024 03:24:11 GMT
server: cloudflare

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 33 KB
33 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer

Response headers

Content-Type: font/woff2

GET
H3 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 292 B
540 B 3076ms
3075ms Fetch
application/json 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/StatusBar.Bsaa9k2Y.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1a64fc0b432b690930ed6d77ffd5e3e305173489eda4ba3301670dbe16ec89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-generator: front-eu-web-3
expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Sat, 28 Sep 2024 03:24:11 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ca09e78ad700d65-MXP
server: cloudflare

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 3053ms
2973ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13p3t3p2p5l1&tag_exp=101671035~101686684~101747727&rnd=691619071.1727493851&url=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F&dma_cps=-&dma=1&npa=1&gtm=45He49p0n71WX5CH8v6894354za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 28 Sep 2024 03:24:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 51ms
51ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-950534254&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e2089c825bb917a42e3e64cdce5fca4326541c5314ae42cd416b3e151ddd442e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 28 Sep 2024 03:24:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 03:24:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85923
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 242 KB
86 KB 61ms
60ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-386034582&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d13ae929f0cad3c5b595e939b590a92b8b8675394b03631a42554f8063d242de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 28 Sep 2024 03:24:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 03:24:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88080
x-xss-protection: 0
server: Google Tag Manager

POST
H3 202 cc
d.nordvpn.com/1/ 0
319 B 3033ms
3032ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 8823732d72a79fab1077d8b51fd3811e
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8ca09e78eda00d65-MXP
access-control-allow-origin: https://nordvpn.com
content-length: 0
date: Sat, 28 Sep 2024 03:24:11 GMT
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 collect
cm.nordvpn.com/ 0
117 B 3031ms
3030ms Image
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?ev=pv&pu=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203&pp=%2Fit%2Fspecial%2F&pr=&pt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&dc=desktop&gtmcb=316180067

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=42fd9646b40f46a294d3a061d140f47f&utm_campaign=off20&utm_source=aff69203

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 8ca09e78eda30d65-MXP
content-length: 0
cf-cache-status: DYNAMIC
date: Sat, 28 Sep 2024 03:24:11 GMT
server: cloudflare

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 3025ms
3023ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je49p0v874252800za200&_p=1727493850796&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101671035~101747727&cid=1230531430.1727493851&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1727493850&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&_s=2&tfd=1579

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 8ca09e78fdad0d65-MXP
content-length: 0
cf-cache-status: DYNAMIC
date: Sat, 28 Sep 2024 03:24:11 GMT
server: cloudflare

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 223ms
223ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je49p0v874252800z86894354za200&_p=1727493850796&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101671035~101747727&cid=1230531430.1727493851&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1727493850&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&_s=3&tfd=4613

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 8ca09e8beb990d65-MXP
content-length: 0
cf-cache-status: DYNAMIC
date: Sat, 28 Sep 2024 03:24:14 GMT
server: cloudflare

POST
H3 202 cc
d.nordvpn.com/1/ 0
319 B 174ms
173ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.142.7

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 26cb72c13ee44c46b60a34b87f2ca09a
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8ca09e8bfba40d65-MXP
access-control-allow-origin: https://nordvpn.com
content-length: 0
date: Sat, 28 Sep 2024 03:24:14 GMT
server: cloudflare
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 71ms
71ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12123059&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f5c9120d107d545b6c42cbec6e72c16609511914286b69bbd3027afb000b0a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 28 Sep 2024 03:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 03:24:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80365
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 favicon-32x32.svg
s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/ 391 B
435 B 65ms
64ms Other
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/favicon-32x32.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f07ae41649f6aee6b4bfe6828ec64649140ac86dfa6c489df17444c0b8d8459

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=16070400, immutable
content-encoding: br
cf-cache-status: HIT
etag: W/"66042cfb-187"
age: 27572
cf-ray: 8ca09e8c3c000e97-MXP
access-control-allow-origin: *
date: Sat, 28 Sep 2024 03:24:14 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Mar 2024 14:28:11 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 favicon-32x32.ico
s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/ 41 KB
2 KB 43ms
42ms Other
image/x-icon 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/favicon-32x32.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76fb3f4294c214670a9e8b8c98ebd45052a3943464856b63814c8010f609b77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=16070400, immutable
content-encoding: br
cf-cache-status: HIT
etag: W/"66042cfb-a2be"
age: 1063
cf-ray: 8ca09e8cac4e0e97-MXP
access-control-allow-origin: *
date: Sat, 28 Sep 2024 03:24:14 GMT
content-type: image/x-icon
last-modified: Wed, 27 Mar 2024 14:28:11 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2

200

src=12123059;dc_pre=CJr4p4zY5IgDFQ9hHgIdZmIXsw;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49p0v9181811535z86894354za201zb...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49p0v9181811535z86...
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CJr4p4zY5IgDFQ9hHgIdZmIXsw;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denie...

42 B
118 B

78ms
77ms

Image
image/gif

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CJr4p4zY5IgDFQ9hHgIdZmIXsw;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49p0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203?

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 28 Sep 2024 03:24:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CJr4p4zY5IgDFQ9hHgIdZmIXsw;type=retar0;cat=purea0;ord=402134338673;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49p0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 28 Sep 2024 03:24:14 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

POST collect
cm.nordvpn.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.nordvpn.com
URL: https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je49p0v874252800za200&_p=1727493850796&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101671035~101747727&cid=1230531430.1727493851&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1727493850&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D42fd9646b40f46a294d3a061d140f47f%26utm_campaign%3Doff20%26utm_source%3Daff69203&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&_s=4&tfd=9614

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.swagtrk.com/	1970-01-20 23:51:37	Name: uniqueClick_71KJTLJT Value: 2b8d9ac4-58fb-461d-92c8-3c0036dbc976:1727493849
www.swagtrk.com/	1970-01-21 02:01:09	Name: transaction_id Value: 42fd9646b40f46a294d3a061d140f47f
go.nordvpn.net/	1970-01-20 23:53:00	Name: aff_ran_url_20 Value: 2494
go.nordvpn.net/	1970-01-21 00:49:09	Name: enc_aff_session_20 Value: ENC03d1a850c5bb4c6359b1478dd3f5fe9c34894f199bf2c907362e88286218d5a91a182d3ab8400ee5bf8c09c1c421ff0da8aaf9199730cc5a1f8050a575d9e0576183c5cc0cf1b82e5ac8336a047034cd6e2c30b381994864767c7231cd65a5874c4a88c61d7bb02e4f85191cb73b8521d9e611a188a2af68b6370d4c49c915c1730cec3ef6865948a03ea00daca01722729332b89be0377927d3dc081bc1f83cec075fb7d8
go.nordvpn.net/	1970-01-21 09:27:33	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI5LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJpdC1JVCxpdDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.nordvpn.com/	1970-01-21 00:34:45	Name: aff_id Value: 69203
.nordvpn.com/	1970-01-21 00:34:45	Name: aff_transaction_id Value: 10222a47ec517236c955b4fefbe60e
.nordvpn.com/	1970-01-21 00:34:45	Name: nordvpn_aff_id Value: 69203
.nordvpn.com/	1970-01-21 00:34:45	Name: nordvpn_aff_transaction_id Value: 10222a47ec517236c955b4fefbe60e
.nordvpn.com/	1970-01-20 23:51:35	Name: __cf_bm Value: 4UjcoJnADG1ehmu49D0jJxlggZSWaTBtyiB0jkuMaEI-1727493850-1.0.1.1-ojf1yiL1Sf7kyTmmWr8BaqKZ4OPKtnQSEFmUKDVwIpd0yHMuBZRi_wCxUziVWBxzJjnbRhQCFC2nGLU4fgPAK8ozNpUxOvrXWrWfvmYzRv0
.nordvpn.com/	1970-01-21 08:37:09	Name: locale Value: it
.nordvpn.com/	1970-01-21 09:27:33	Name: nc Value: 1727528614272
.nordvpn.com/	1970-01-21 09:27:33	Name: nci Value: 26
.nordvpn.com/	1970-01-21 09:27:33	Name: consent Value: ignored%2CES
.nordcdn.com/	1970-01-20 23:51:35	Name: __cf_bm Value: 8opPlHtOkxmrOfvmrk4GpKoW0cQO.kpB8QHCAox5RVA-1727493850-1.0.1.1-La.FPUwg5pZLcroM3mpyvPj5.jkc9XtLu1hdFpb6.s_tXFBxgtYUaikWAyUphk58r2H4b2ZwUDMnq1Y7E0jAvw
.nordvpn.com/	1970-01-21 00:34:45	Name: at Value: a
.nordvpn.com/	1970-01-21 09:27:33	Name: nv_tri Value: TC_00011568740680512057_1727493850494
.nordvpn.com/	1970-01-21 00:01:38	Name: font-css-en Value: true
.nordvpn.com/	1970-01-21 09:27:33	Name: _ga Value: GA1.1.1230531430.1727493851
.nordvpn.com/	1970-01-21 09:27:33	Name: nv_trs Value: 1727493850495_1727493854053_1_6
.nordvpn.com/	1970-01-21 09:27:33	Name: _ga_LEXMJ1N516 Value: GS1.1.1727493850.1.1.1727493854.0.0.0
.nordvpn.com/	1970-01-21 04:13:38	Name: FirstSession Value: source%3Daff69203%26campaign%3Doff20%26medium%3Daffiliate%26term%3D%26content%3D42fd9646b40f46a294d3a061d140f47f%26hostname%3Dnordvpn.com%26date%3D20240928%26query%3Dnull
.nordvpn.com/	1970-01-21 04:13:38	Name: CurrentSession Value: source%3Daff69203%26campaign%3Doff20%26medium%3Daffiliate%26term%3D%26content%3D42fd9646b40f46a294d3a061d140f47f%26hostname%3Dnordvpn.com%26date%3D20240928%26query%3Dnull

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cm.nordvpn.com
d.nordvpn.com
go.nordvpn.net
ic.nordcdn.com
nordvpn.com
pagead2.googlesyndication.com
s1.nordcdn.com
sb.nordcdn.com
visit.nordvpn.com
www.googletagmanager.com
www.swagtrk.com
cm.nordvpn.com
104.16.208.203
104.19.159.190
142.250.184.194
142.250.185.200
142.250.186.130
2600:9000:2644:9200:6:e337:e340:93a1
2606:4700::6810:9b6f
2606:4700::6810:9c6f
2a00:1450:4001:82b::2008
35.241.26.240
52.210.134.198
06eaf37ec5aa47ae5f5380de0cbd1df5ccc914c6e87b00a3ed6394f32b4c4138
097d6e813efb2eb9fbde49ca6b42dd7857fba4868a4efc2dbcf6a9593d6e47ac
0f07ae41649f6aee6b4bfe6828ec64649140ac86dfa6c489df17444c0b8d8459
120c509eb4a1abf59cbc4f0c10eba77d0e45097fb244550a731b781a8301f0ba
12cfa0eadf781e50f24dab93efc97bdbbd11984500209850461e010e558478e0
133d9660262505884ba3e7beb7b22543fdb3887633f59225c15ecb262f665e70
1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37
2f9befa768cf4f2401a862b6e88164783ebd32be093d45ebbe5514fcb5c8dc36
428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4
44d73d6b245a7f0b3f6c0c540b39d7cb75094e1b930984d23a1982709c5f5d57
46461084bbdbb34b6c223ca40c98a266d4016594a733ca68036a261cf4bb11fc
4a08d9af388bdf4d74e9ad1be83b25e51205cf97273d0749b483bf0442ec1893
4d392f9691ae4316fa5b8f7fbe9fa46f46d5854472cfc87ec4c265d348f47b78
4e051519cbdf661282307bdfcaffd95403333c7ffb478e5941f97580e738d40a
4eb0c184758be673b4b4ae8c4523a14a885300cf758a92c8be8a2939279c6717
506afc2ef2b3fde67c6304a98f3b302f0ab531729b0b06804b62301736e066ee
52afbd9c16506239b4a25df5b17fad24bf65714c07310b57f96e6392259259ae
57593f257a8b72ac4e339ca80af43a86b969a49f553d65a3f14e2dc1364f746d
5c0059f2b07375a2edbf501889313d6c4d29e0e91d214b15319ee156ed24ed8c
5e9b84f3831b3fbe2dc492f557d514b1caed8d575f0b484d26ae0f9543b2578e
64041610c756b296ff9d7e794495c8d4288c1def40250cc1e3d3080b4d6ac611
667202343cf34ff2c5f662962f4be5b7f10e97513f5aa6fbc803b4d640abefb9
6c7c227659998898780ee840b83f921840a62f077f526d3ff3185cebd142343f
71867ba089cf906c39bb6a75c67ee28a3f833ec3d4bb70d8e7208a47269286e7
75f28438681332b67561059131289f90d029016eec52cb8fc0f2a5b37ab7d08c
76fb3f4294c214670a9e8b8c98ebd45052a3943464856b63814c8010f609b77e
81854351b4bcb1d3c443c5af497c86a3055b8cc2a6ee7afc33958d4ff8412465
85beb082079eadd6791b428f7a1e9e3b904aef6d301493f4765a563946a6edf8
93fd8b5d0a4f650fa30295931975757a7be7b5e35015c0abdd5015e85a738e2d
95baa73896ad8205183cfb398b66b18b7a97b2e9f52595e197b254dc7ce91648
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
9ceaa69b22bcab303949c1cd0897e34e5e78b49b0bf30a637ffb2c00f9283cf3
b5f822cc513de748077c29ce42d8a94e51c02134daf7dc5b9a69822936872aef
b950c1ac3b8708db9aab6a7f21039c6e5157a3b19fe644a0e8d795e25c793ec4
be71fba16305ef09fef342c1a16ede4e03b2e18baae1ea7d7108809fe67dc2bf
c8e24310b0e306003276b69c77726f8c30d61ab75bc1cac841e36e999c43bb0f
cac3b60c321f2493e73a2573f9fd876b71a9ecc7569732086e55ab501771762c
d13ae929f0cad3c5b595e939b590a92b8b8675394b03631a42554f8063d242de
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
d4df5ebd2d270dcd0b7faf487aed7a47db3696d053339fe0509cb1c8eba1e8ac
d5b6dc1ddac2ba2eaf7939b011ac980ce50004c73b37e92d6493da6d8e4bbfb4
dc6115497e84b72902eabd532a7c2cf82ce86aa4a9b8a42aaa3ecde526e7daf1
e2089c825bb917a42e3e64cdce5fca4326541c5314ae42cd416b3e151ddd442e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c9120d107d545b6c42cbec6e72c16609511914286b69bbd3027afb000b0a96
f98f0e70e357a57fcd80d0bebb0a6397808962f9869f907c5870402b54a64a42
fb1a64fc0b432b690930ed6d77ffd5e3e305173489eda4ba3301670dbe16ec89
fcff9741d420ec6a34f235561bf76b7fda7e1395388907c5dc4352ab94f9871e
ff1e0dfff04d33b3fae75e7423191961913ccf793a81b45189387e1efb73b62a

nordvpn.com Open in urlscan Pro 104.19.159.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

36 %IPv6

6 Domains

12 Subdomains

10 IPs

4 Countries

1037 kBTransfer

2368 kBSize

23 Cookies

12 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordvpn.com Open in urlscan Pro
104.19.159.190 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

36 %
IPv6

6
Domains

12
Subdomains

10
IPs

4
Countries

1037 kB
Transfer

2368 kB
Size

23
Cookies

60 HTTP transactions
3 data transactions