nordvpn.com Open in urlscan Pro
104.17.50.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Effective URL:
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
Submission: On December 19 via manual (December 19th 2022, 12:56:57 pm UTC) from FR — Scanned from AU

Summary HTTP 171 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 34 domains to perform 171 HTTP transactions. The main IP is 104.17.50.74, located in and belongs to CLOUDFLARENET, US. The main domain is nordvpn.com. The Cisco Umbrella rank of the primary domain is 18021.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2022. Valid for: a year.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	172.66.43.149 172.66.43.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
5	142.250.4.97 142.250.4.97	15169 (GOOGLE) (GOOGLE)
12	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
3	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
1 1	52.210.134.198 52.210.134.198	16509 (AMAZON-02) (AMAZON-02)
1 17	104.17.50.74 104.17.50.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.90.60 13.33.90.60	16509 (AMAZON-02) (AMAZON-02)
8	104.22.55.232 104.22.55.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
14	172.253.118.113 172.253.118.113	15169 (GOOGLE) (GOOGLE)
1	103.231.98.193 103.231.98.193	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.84.162.5 104.84.162.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.130.169.24 216.130.169.24	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	23.58.140.202 23.58.140.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.199.241.50 23.199.241.50	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.254.150.228 104.254.150.228	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	54.169.66.1 54.169.66.1	16509 (AMAZON-02) (AMAZON-02)
1 1	8.2.108.175 8.2.108.175	46636 (NATCOWEB) (NATCOWEB)
1	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
2	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
1	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
3	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
2	104.84.173.189 104.84.173.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.199.150.81 67.199.150.81	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
6	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
2	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
2	172.253.118.94 172.253.118.94	15169 (GOOGLE) (GOOGLE)
1 1	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
1	13.228.111.128 13.228.111.128	16509 (AMAZON-02) (AMAZON-02)
28	104.17.168.30 104.17.168.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
4	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
3	172.217.194.147 172.217.194.147	15169 (GOOGLE) (GOOGLE)
1 2	142.251.12.149 142.251.12.149	15169 (GOOGLE) (GOOGLE)
1	23.76.212.222 23.76.212.222	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.33.90.128 13.33.90.128	16509 (AMAZON-02) (AMAZON-02)
171	33

18 172.66.43.149 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coolrom.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

spn-v1.revampcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.134.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-134-198.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.17.50.74 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.90.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-90-60.sin2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.22.55.232 (None, )

ASN13335 (CLOUDFLARENET, US)

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.253.118.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.162.5 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-162-5.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.130.169.24 (United States)

ASN27257 (WEBAIR-INTERNET, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.58.140.202 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-140-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.241.50 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-241-50.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.150.228 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.66.1 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-66-1.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.108.175 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.173.189 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-173-189.deploy.static.akamaitechnologies.com

l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.111.128 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-111-128.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.17.168.30 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.147 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net

12123059.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.76.212.222 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-212-222.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.90.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-90-128.sin2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 205496	342 KB
18	coolrom.com.au 1 redirects coolrom.com.au — Cisco Umbrella Rank: 206882	163 KB
17	nordvpn.com 1 redirects visit.nordvpn.com — Cisco Umbrella Rank: 656820 nordvpn.com — Cisco Umbrella Rank: 18021 cm.nordvpn.com — Cisco Umbrella Rank: 334168	67 KB
16	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 12123059.fls.doubleclick.net — Cisco Umbrella Rank: 478721	224 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	41 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	65 KB
10	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 2941 l3.aaxads.com — Cisco Umbrella Rank: 4424	149 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 Failed	1 KB
5	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 67184 www.google.com.au — Cisco Umbrella Rank: 25340	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	295 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449 ads.pubmatic.com — Cisco Umbrella Rank: 481 image6.pubmatic.com — Cisco Umbrella Rank: 716 simage2.pubmatic.com Failed image2.pubmatic.com Failed	24 KB
3	revampcdn.com spn-v1.revampcdn.com — Cisco Umbrella Rank: 93072	116 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 37	33 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com Failed	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1410	2 KB
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 801	342 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	603 B
1	ck-ie.com 1 redirects us.ck-ie.com — Cisco Umbrella Rank: 4358	485 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 629	439 B
1	media.net hbx.media.net — Cisco Umbrella Rank: 1208 contextual.media.net Failed	10 KB
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1460	738 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 6135	323 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 413	1 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1822	40 KB
1	nordvpn.net 1 redirects go.nordvpn.net — Cisco Umbrella Rank: 311304	2 KB
0	casalemedia.com Failed dsum-sec.casalemedia.com Failed
0	semasio.net Failed uipglob.semasio.net — Cisco Umbrella Rank: 1107 Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net — Cisco Umbrella Rank: 719 Failed
0	tapad.com Failed pixel.tapad.com — Cisco Umbrella Rank: 409 Failed
0	bidswitch.net Failed x.bidswitch.net — Cisco Umbrella Rank: 282 Failed
0	rubiconproject.com Failed eus.rubiconproject.com Failed
0	googletagservices.com Failed www.googletagservices.com Failed
0	servenobid.com Failed ads.servenobid.com Failed
171	34

	Domain	Requested by
28	s1.nordcdn.com	nordvpn.com s1.nordcdn.com
18	coolrom.com.au	1 redirects coolrom.com.au
14	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com www.google-analytics.com nordvpn.com
11	cm.nordvpn.com	nordvpn.com www.googletagmanager.com www.google-analytics.com
9	securepubads.g.doubleclick.net	coolrom.com.au securepubads.g.doubleclick.net www.datadoghq-browser-agent.com 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
8	c.aaxads.com	spn-v1.revampcdn.com c.aaxads.com sync.adkernel.com ads.pubmatic.com
6	tpc.googlesyndication.com	19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net coolrom.com.au tpc.googlesyndication.com
5	nordvpn.com	coolrom.com.au nordvpn.com s1.nordcdn.com
5	www.googletagmanager.com	coolrom.com.au nordvpn.com www.googletagmanager.com
4	www.google.com.au	nordvpn.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google.com	tpc.googlesyndication.com nordvpn.com
3	19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	spn-v1.revampcdn.com	coolrom.com.au spn-v1.revampcdn.com
2	12123059.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.gstatic.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
2	l3.aaxads.com
2	adservice.google.com	securepubads.g.doubleclick.net 12123059.fls.doubleclick.net
2	ib.adnxs.com	2 redirects
2	ads.pubmatic.com	c.aaxads.com ads.pubmatic.com
1	js.adsrvr.org	12123059.fls.doubleclick.net
1	servedby.flashtalking.com	12123059.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	cm.g.doubleclick.net	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	us.ck-ie.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	hbx.media.net	c.aaxads.com
1	sync.adkernel.com	c.aaxads.com
1	www.aaxdetect.com
1	hbopenbid.pubmatic.com	spn-v1.revampcdn.com
1	id5-sync.com	spn-v1.revampcdn.com
1	www.datadoghq-browser-agent.com	spn-v1.revampcdn.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
1	ajax.googleapis.com	coolrom.com.au
0	dsum-sec.casalemedia.com Failed	12123059.fls.doubleclick.net
0	fonts.gstatic.com Failed	fonts.googleapis.com
0	image2.pubmatic.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	sync.crwdcntrl.net Failed	ads.pubmatic.com
0	pixel.tapad.com Failed	ads.pubmatic.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
0	contextual.media.net Failed	hbx.media.net
0	x.bidswitch.net Failed	hbx.media.net ads.pubmatic.com
0	eus.rubiconproject.com Failed	hbx.media.net
0	www.googletagservices.com Failed	19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com coolrom.com.au
0	ads.servenobid.com Failed	spn-v1.revampcdn.com
171	52

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com
nordlayer.com
support.nordvpn.com
account.nordvpn.com
nordpass.com
nordlocker.com
youtu.be
twitter.com
go.onelink.me
nordsecurity.com
nordvpn.org
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.revampcdn.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
aaxads.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-12`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.nordcdn.com AlphaSSL CA - SHA256 - G2	`2022-02-21` - `2023-03-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
Frame ID: F47B32AB9CC4DE72646B16DA3D746915
Requests: 120 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=292%2C195%2C250%2C213%2C97%2C361%2C368%2C209%2C23%2C369%2C348%2C206%2C353%2C282%2C241%2C263%2C267%2C203%2C272%2C159%2C264%2C265%2C89%2C29%2C291%2C271%2C371%2C310%2C219%2C367%2C3004%2C229%2C251%2C231%2C356%2C380%2C167%2C249&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 061A83E1DAA9B30321F54407E5C06400
Requests: 4 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=nat&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=A5397852881305038045
Frame ID: 86F342A0213D411A51104A1683D7AC2F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3DPM_UID
Frame ID: 9C58D92FFB6B313484ACEF5D4D51B73F
Requests: 12 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXXX4L07&cmode=1&cv=35&prvid=29,97,109,251&gdpr=0&gdprconsent=0&usp_status=0&usp_consent=1&https=1
Frame ID: CEE0795562BD3E28C859FC6AE0A4B89F
Requests: 3 HTTP requests in this frame

Frame: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 328936AEC88B2511B2D1C867BBA8F21B
Requests: 1 HTTP requests in this frame

Frame: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39B20671422717904ABB46B4DC9E2A0C
Requests: 5 HTTP requests in this frame

Frame: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CAB0CC5F3393D77768D165C80C7E8907
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 77C727FFA2C3C2C3BBECCB303A582BA8
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 3A85690EB4F74D1ED2BDCCDD92E6ACC6
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:726d63a0-5f92-4f00-9a52-592ba6ad9970&gdpr=0&gdpr_consent=
Frame ID: 8CB968FE6EB8085DCF144F25CBBE206B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6BfkgAFLaIxGQAF&gdpr=0&gdpr_consent=&_test=Y6BfkgAFLaIxGQAF
Frame ID: F2A149BEC8E1783E8C4A1F1E178C9837
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y8vipflgod7
Frame ID: FF2185426DE31B9CE259481F6E944ADF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8751035448487413941&gdpr=0&gdpr_consent=
Frame ID: 4D7AC8E84673E82A0A80F70069E53551
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=pba&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=D757C414-243C-4FC7-8C22-9DA265D0F5C7
Frame ID: A04DB17350F6D626CA7B7C1C0C7A6B6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Frame ID: 4B16443DF5BB65F0613EB4F6B8ED7D97
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A247FAFAC21F40E337A865D44C96EB1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A4CCC390DE4DD1544B58C16F76A6226
Requests: 1 HTTP requests in this frame

Frame: https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822
Frame ID: 4A0112B44A7F86BE014634ABB6E5FC0F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The best online VPN service for speed and security | NordVPNNordVPN logo-68%-68%

Page URL History Show full URLs

https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php Page URL
https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert HTTP 302
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert HTTP 302
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102ce257e4d5aeefbe437f9c1976c2&... HTTP 302
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

171
Requests

82 %
HTTPS

0 %
IPv6

34
Domains

52
Subdomains

33
IPs

7
Countries

1695 kB
Transfer

4305 kB
Size

70
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://my.nordaccount.com/legal/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://nordlayer.com/business-vpn/
Title: Business VPN

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/oauth2/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://nordpass.com/
Title: Password management

Search URL Search Domain Scan URL

URL: https://nordpass.com/business-password-manager/
Title: BusinessBusiness password solutions

Search URL Search Domain Scan URL

URL: https://nordlocker.com/
Title: Encryption with cloud storage

Search URL Search Domain Scan URL

URL: https://youtu.be/nVyuyXXwEws?t=114
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/TXLUafBNjnc?t=215
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/ev3GMJXKHSI?t=330
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/fsoonekindt/status/1478414021065859075
Title: Fabrice Soonekindt@fsoonekindtI never could've securely searched nor browsed the internet as an internaut nowadays on any of my devices the way it was meant to be: Browsing freely/ without data collection- and tracking from the start, without the help of my favourite virtual network @NordVPN Grateful for it!7:12 PM – 4 Jan 2022

Search URL Search Domain Scan URL

URL: https://twitter.com/CmDHoVeR/status/1485615200459968518
Title: Harsh@CmDHoVeR@NordVPN clearly has the BEST customer service Worldwide. You get conected to a support assistant faster than electricity. The team members are so qualified that a solution to the problem is reached even before it gets to your brains.4:07 PM – 24 Jan 2022

Search URL Search Domain Scan URL

URL: https://twitter.com/kanthalaraghu/status/1490442154334130177
Title: Kanthala Raghu@kanthalaraghuI recently started using Nord VPN was so impressed that i even bought 2 years subscription for it. Loving the service, thanks @NordVPN for helping keep internet safe and protecting privacy.11:47 PM – 6 Feb 2022

Search URL Search Domain Scan URL

URL: https://go.onelink.me/42qk/9g9tok8i

Search URL Search Domain Scan URL

URL: https://go.onelink.me/42qk/jobanbwl

Search URL Search Domain Scan URL

URL: https://nordsecurity.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://nordvpn.org/
Title: Social Responsibility

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/FAQ/NordVPN-setup-tutorials/
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/FAQ/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/legal/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/legal/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nordvpn/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NordVPN/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nord-vpn/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSZhRxyloC-qzURiOa3vbFQ/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nordvpn/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://nordsecurity.com/
Title: Nord Security

Search URL Search Domain Scan URL

URL: https://nordlayer.com/
Title: NordLayer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php Page URL
https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert HTTP 302
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert HTTP 302
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102ce257e4d5aeefbe437f9c1976c2&source=&aff_sub=CoolROM_Alert&url={url} HTTP 302
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://ib.adnxs.com/getuid?https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dapx%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fc.aaxads.com%252Faacxc.php%253Ffv%253D1%2526yvlg%253D3144562086830941000V10%2526wbsh%253Dapx%2526uhiXuo%253D%2526ylg%253D14546086293144562086830941000V10%2526ryvlg%253D%2524UID HTTP 302
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=apx&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=8751035448487413941

Request Chain 39

https://ads.yieldmo.com/pbsync?is=aax&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dyld%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3D%24UID HTTP 302
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=yld&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=g43600b14b883b51902d&gdpr=&gdpr_consent=&us_privacy=

Request Chain 40

https://us.ck-ie.com/aax936.gif?gdpr={$GDPR}&gdpr_consent={$GDPRConsent}&us_privacy={$USPrivacy}&coppa={$COPPA}&redir={$REDIR} HTTP 302
https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=b638fed6bc61e1ebbf4a57f76a0cf7f5c117ca7b02f3e5d385ee607d66ecd393

Request Chain 57

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 58

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1

Request Chain 59

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f0a237bf-56f3-4e8f-9a12-d99827431513

Request Chain 69

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:726d63a0-5f92-4f00-9a52-592ba6ad9970&gdpr=0&gdpr_consent=

Request Chain 70

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6BfkgAFLaIxGQAF HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6BfkgAFLaIxGQAF&gdpr=0&gdpr_consent=&_test=Y6BfkgAFLaIxGQAF

Request Chain 71

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y8vipflgod7

Request Chain 72

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8751035448487413941&gdpr=0&gdpr_consent=

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=11fEFCQ8T8eMIp2iZdD1xw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 75

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D757C414-243C-4FC7-8C22-9DA265D0F5C7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D757C414-243C-4FC7-8C22-9DA265D0F5C7

Request Chain 76

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D757C414-243C-4FC7-8C22-9DA265D0F5C7&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D757C414-243C-4FC7-8C22-9DA265D0F5C7&gdpr=0&gdpr_consent=&ct=y

Request Chain 77

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D757C414-243C-4FC7-8C22-9DA265D0F5C7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D757C414-243C-4FC7-8C22-9DA265D0F5C7&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDc1N0M0MTQtMjQzQy00RkM3LThDMjItOURBMjY1RDBGNUM3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOgwAYXnCJZ_6OGPbXMzTY8&google_cver=1

Request Chain 80

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A71FA6B7FC344611BB51A29C857FAD0C

Request Chain 82

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5431c02d-c2ab-4da7-b779-1f3465f34fba&gdpr=0&gdpr_consent=

Request Chain 154

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822 HTTP 302
https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822

Request Chain 173

https://insight.adsrvr.org/track/pxl/?adv=cyfpmts&ct=0:jf8p7o8&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5431c02d-c2ab-4da7-b779-1f3465f34fba&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTQzMWMwMmQtYzJhYi00ZGE3LWI3NzktMWYzNDY1ZjM0ZmJh&gdpr=0&gdpr_consent=&ttd_tdid=5431c02d-c2ab-4da7-b779-1f3465f34fba HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5431c02d-c2ab-4da7-b779-1f3465f34fba&google_gid=CAESEDKEG9rtxD4qCuyLJjtsVq8&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5431c02d-c2ab-4da7-b779-1f3465f34fba&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-b026NvVE2uISstsmefxnXFDLmsKNbng-~A&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=5431c02d-c2ab-4da7-b779-1f3465f34fba&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5431c02d-c2ab-4da7-b779-1f3465f34fba&expiration=1674046617&gdpr=0&gdpr_consent=

171 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Grandia_(Europe)_(Disc_1).php Show response
coolrom.com.au/roms/psx/67660/ 41 KB
12 KB 853ms
639ms Document
text/html 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45
Resource Hash: a65075f9e968f2530e7bc2bba36822d3de6194d63a14e8f3c378649f7020ce13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, UPDATE, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77c04cd5ef21a801-SYD
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 12:56:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba2FU1L0xk2pGpHO4AyklFGnuxwyYFOd2fapRwbo34ZyyKR3HJgPXgq%2F87IQLlZvXDyvD0ZGIvjCRuqRRaMH2lKRiBwRISkjTYzTY9Lo%2Fjj6ripwGobXLMCoznE6BuvUqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45

GET
H2 200 style.css
coolrom.com.au/css/ 5 KB
2 KB 108ms
107ms Stylesheet
text/css 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/css/style.css
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c88d196e9ff61e257364d7fe0bcb83f22efe74b2259758d333d22358cb2264

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Jul 2022 01:16:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 102721
etag: W/"62dc9d50-140a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoZkSVSBoKwLdsNFND0lKxFnJGJSlSokt5om8ZarpaYLnK3PPbCoXJbeXpqL2UvgTt45EVnITAmdrCTLkiHBg7YRgFBXog6j05cSCSW6qDllXlFOh5XpYPYlS1avoFjfvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=172800, no-transform
cf-ray: 77c04cd9ea9ba801-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 19 Dec 2022 01:32:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 584ms
193ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 03:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 03:24:15 GMT

GET
H3 200 jquery-scrolltofixed-min.js Show response
coolrom.com.au/js/ 4 KB
2 KB 106ms
105ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/jquery-scrolltofixed-min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8116044518d0810f5ba5e77f6aa06b8805b2caf2d83bcb053455800ec7c12d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2013 03:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 138273
etag: W/"52aa78e5-f65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwUorUx2JuabOcmec14Z08RIfQFzjo12axVCzG9W09M%2BjqscAugcZAjizsF%2BSm7RXXOpeguP3mI9Pt%2Br4QRv5U%2F3B%2FFLLMygnLWlcB20jE9Kr0t0QckAhPbb%2BqiDy98ewA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77c04cdd5ee9aac4-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 17:01:03 GMT

GET
H2 200 dropmenu.min.js Show response
coolrom.com.au/js/ 5 KB
2 KB 315ms
314ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/dropmenu.min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96043f2902775b9903b1880464403573442b2abcfae52de51771388149f84147

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 27 Jan 2019 19:51:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c4e0ba7-15b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEZ%2Bw4f5ybkrH99ymLIJsa2Ko0GPlZVSXhOhGOMVc1rK0US80YUU47iVJan6PuOQKvdRjUKF8Kozi1HuNeyKJ7m2rr0c%2FMpPBgfdgQwczGht%2BKh9vCFZknMtpSI5LUYFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77c04cd9fa9ca801-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 17:27:32 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 109 KB
43 KB 586ms
197ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3213938-1

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43591
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 12:56:47 GMT

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 583ms
195ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27536
x-xss-protection: 0
server: sffe
etag: "1425 / 25 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Dec 2022 12:56:47 GMT

GET
H2 200 prebid-client.js
spn-v1.revampcdn.com/prebid/coolrom/ 230 KB
67 KB 314ms
100ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.927.0
date: Mon, 19 Dec 2022 12:56:47 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 74701
x-cache: HIT, HIT
x-envoy-upstream-service-time: 32
x-region: NSW
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 68261
x-request-id: 80ad843f-ceb9-4fcc-914d-cdf39cb679a0
x-served-by: cache-ams12767-AMS, cache-syd10146-SYD
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671454607.414468,VS0,VE1
etag: W/"a73e66c998711b7728ebe4b09241e40c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: AU
x-cache-hits: 393, 1

GET
H2 200 coolrom.js
spn-v1.revampcdn.com/publishers/ 213 KB
49 KB 327ms
100ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://coolrom.com.au/
Origin: https://coolrom.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.933.0
date: Mon, 19 Dec 2022 12:56:47 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 16361
x-cache: HIT, HIT
x-envoy-upstream-service-time: 716
x-region: NSW
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49543
x-request-id: 22b8bbc4-a7c0-4f8b-930b-c962b5533466
x-served-by: cache-ams21023-AMS, cache-syd10154-SYD
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671454607.427860,VS0,VE0
etag: W/"cdd7dbdb0f5702d0ee794452b56f45ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: AU
x-cache-hits: 45, 2

GET
H3 200 logo_christmas.gif
coolrom.com.au/images/ 8 KB
8 KB 212ms
209ms Image
image/gif 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/logo_christmas.gif
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16216
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8087
last-modified: Wed, 22 Nov 2006 08:07:59 GMT
server: cloudflare
etag: "4564055f-1f97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCEXXtgKVtpHC267jTVu7%2F1n04%2BlDl%2BM2syegCV6bghMiRh4ZwhmvnGyD%2BIz3ifR2Dkfvo1LkVy456X8e1%2Bsa8tvvJXAjm1ryZBUdxPBQiuEdiy%2Bz%2FthuCunF9AwyW5Drw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf081eaac4-SYD
expires: Wed, 21 Dec 2022 06:02:38 GMT

GET
H3 200 notavailable.jpg
coolrom.com.au/images/ 8 KB
8 KB 213ms
209ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/notavailable.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8177
last-modified: Wed, 30 Jan 2019 19:52:15 GMT
server: cloudflare
etag: "5c52006f-1ff1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziZJjGV3fK2Jy9QWkvL%2BG%2BCEdyTS5sXyuvo1m0Oz5Q2koLLx8V7p1YgP9TaUssNYfzRP0gsCN5MWvAgMt1sP4d85htIxQpZgDCz3P5G0rEsOH36fSrtPvkxO0cbh8Z%2BcbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf0820aac4-SYD
expires: Sun, 18 Dec 2022 16:43:24 GMT

GET
H3 200 download_button2.png
coolrom.com.au/images/ 30 KB
30 KB 213ms
209ms Image
image/png 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/download_button2.png
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30467
last-modified: Mon, 01 Apr 2019 18:47:15 GMT
server: cloudflare
etag: "5ca25cb3-7703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8E3SUyScNqA%2FFHf5WhwcpCARG%2B7YCj3veS871RMtYFgtHL9G96JpDF4YC95R6udyaqpQjf16c2tjuA3MIpXZmw4IxcuBColnTOt6qjXEzo4IR759FGPJx%2BzZetFp%2Fj3rGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf0821aac4-SYD
expires: Sun, 18 Dec 2022 17:47:24 GMT

GET
H3 200 logo.gif
coolrom.com.au/images/ 7 KB
7 KB 312ms
308ms Image
image/gif 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/logo.gif
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6693
last-modified: Sun, 26 Mar 2006 12:50:20 GMT
server: cloudflare
etag: "44268e0c-1a25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkO6mo2JJZ5D8fiKsyAAi02b3rUuGfQt6jASBuvqD40yoRM1FY0V%2Fuuis2uWIZBIcPcUq6dqqYVnweSQF%2BdyMO2YhNz5sn6M6M57aO%2Fjn3uqCrHAUzjZJdiP%2FXimQT0XAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf0824aac4-SYD
expires: Sun, 18 Dec 2022 17:13:20 GMT

GET
H3 200 warning.jpg
coolrom.com.au/images/ 25 KB
26 KB 109ms
106ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/warning.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44667
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25848
last-modified: Thu, 21 Jul 2022 08:51:26 GMT
server: cloudflare
etag: "62d9138e-64f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5VfWukEWsDdfEZz0GMZFaDnZ%2Fp%2FVriHLKZbD1ucQtOf57UGBK%2BWJl6Og0yUC%2B7uJI6hyVSK%2B7lxwQ5eA7Zx4juV3GxfIwCbsUHrO4el5%2Fa3EQroNIOa2vmY2brlE%2FQ7zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf0826aac4-SYD
expires: Tue, 20 Dec 2022 16:46:48 GMT

GET
H3 200 blue_button.jpg
coolrom.com.au/images/ 12 KB
13 KB 311ms
307ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/blue_button.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139425
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12647
last-modified: Thu, 21 Jul 2022 08:43:47 GMT
server: cloudflare
etag: "62d911c3-3167"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4%2FUUJAVjkAZI7gsvlKemSPW5tkz3nOfBBJ1UQFnkuHv1TKcvMjn38Ac7AFqApZKDFjfmaaUjyMwRQjUgSF3BVuFXxpPzTRiEGox%2B7Zg6j4OhqWvC4gbEYbgtQHwCM%2FgZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf0828aac4-SYD
expires: Sun, 18 Dec 2022 16:46:44 GMT

GET
H3 200 jquery.cooki.js Show response
coolrom.com.au/js/ 3 KB
2 KB 112ms
112ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/jquery.cooki.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Jul 2022 15:02:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 136108
etag: W/"62dabbf3-c43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qws9bHvyTV149N2EjF8AWnK62eQiSaCjzJjq6MlZGZkMeup0uBf21sTAmtMbAeaS%2FgZGGTbFb1B%2B46IMHjnZi6ml83vq4T2e5eF%2B8gXWbSQLPjxCc%2FBXNLmmzKvpDjs4tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77c04cdbedd4aac4-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 18:43:56 GMT

GET
H3 200 queue_large.png
coolrom.com.au/images/ 2 KB
2 KB 411ms
407ms Image
image/png 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/queue_large.png
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1815
last-modified: Thu, 26 Apr 2012 08:33:37 GMT
server: cloudflare
etag: "4f990861-717"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEp335qC0QRxxCTGRCTph8k8WU%2BVEifbaLG0PDWPxD%2BYK2TXgQcN2xUUImg0kgL9nFX3iRFgZzefw8ZVVvUO1I6edJfDHQS0oPhePjps48aPU7rZbCiOQXmhuT4Y%2BDW1kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf0829aac4-SYD
expires: Sun, 18 Dec 2022 17:44:40 GMT

GET
H3 200 star_full_small.png
coolrom.com.au/images/ 2 KB
2 KB 411ms
408ms Image
image/png 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/star_full_small.png
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6517
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1552
last-modified: Wed, 30 Jan 2019 18:29:31 GMT
server: cloudflare
etag: "5c51ed0b-610"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayZajFzQOgkQIXWAwZ7CDip08JjMj6OLIyrcAHQ2SC8IrJV%2FnNNIx2H1bGJLxokViup8CBryzq4MhqkQVjr2%2FWhHXk4y%2BbTsUvFzgyuX%2F8IF0JYX4n3nnaz5ROsx%2BLp9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf082aaac4-SYD
expires: Tue, 20 Dec 2022 16:12:55 GMT

GET
H3 200 Tekken%203.jpg
coolrom.com.au/screenshots/psx/ 13 KB
14 KB 412ms
408ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Tekken%203.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32350
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13425
last-modified: Wed, 30 Jan 2019 19:45:01 GMT
server: cloudflare
etag: "5c51febd-3471"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7KVss8EBp4HlGJUPBsovwc4YCZZZHgOC1QtFfhC0RSN%2FEo2PPwQaPDOFOEOP0AgROpgGpV79wexG5mjZMk2jzJxRibc0MxhJ7NNoLj2ienC0PEyt2F8K4ONbIWHtxftfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf082caac4-SYD
expires: Tue, 20 Dec 2022 17:45:09 GMT

GET
H3 200 Crash%20Bandicoot.jpg
coolrom.com.au/screenshots/psx/ 16 KB
17 KB 412ms
409ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Crash%20Bandicoot.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16609
last-modified: Wed, 30 Jan 2019 19:45:00 GMT
server: cloudflare
etag: "5c51febc-40e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbs2Di0OH%2Balath2ozYofxoMD09Os56EFzZ2ALndgjF%2FBPYYDeRkW9nTSg3DEJ8DAKO4LJoi5V3ACw00uG5MgRHLDZmIzjJHf%2FvA6PSCDPSUCe0JjfWa4ZXEZ5UaSqs8wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf082daac4-SYD
expires: Sun, 18 Dec 2022 17:47:24 GMT

GET
H3 200 Jackie%20Chan%20Stuntmaster.jpg
coolrom.com.au/screenshots/psx/ 12 KB
13 KB 413ms
409ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Jackie%20Chan%20Stuntmaster.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
last-modified: Wed, 30 Jan 2019 19:44:57 GMT
server: cloudflare
etag: "5c51feb9-3068"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efCE2Yc8iOFWkQiQB2xaNrS3Ai%2BgZs88GerZunrOODkyfBJ91cAewff%2B6pSNG5KPUOS8ne94PdtG864rVvsCZQnQ2V4LX%2Bb8Ieh7%2BR7vPJkaSnSPgYL0au1ES7iwnRmNLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77c04cdf082faac4-SYD
expires: Mon, 19 Dec 2022 15:54:30 GMT

GET
H3 200 yall.min.js Show response
coolrom.com.au/js/ 3 KB
2 KB 111ms
110ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/yall.min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55f07029a3fb464d3ef67a0e9cbfa5bba081d4e79506e2cd620e71fbc69faa6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Jan 2019 00:35:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 136108
etag: W/"5c2ffbc4-cea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft5tGQ8lu9iizCw9M%2BkfyRoN890YXeeeGI9gKXBXV7f0TnBuZ6T78rOZ4IDFjtyIDIilArd0%2F0ofbb%2FpD4SJ0cZhXgdo2V7sCfT02EL1mcU0vAPDy5K7xYrC0WKK4OR0rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77c04cdcae70aac4-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 17:01:14 GMT

GET
H2

200

Primary Request / Show response
nordvpn.com/
Redirect Chain

https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102ce257e4d5aeefbe437f9c1976c2&source=&aff_sub=CoolROM_Alert&url={url}
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

329 KB
54 KB

441ms
434ms

Document
text/html

104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d583b7442128b0113182ff1bb5738ac0b1b672cf136cc6a9a9e6fd747fca28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://coolrom.com.au/roms/psx/67660/Grandia_(Europe)_(Disc_1).php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=1800
cf-cache-status: MISS
cf-ray: 77c04cf25956aaf6-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 12:56:50 GMT
expires: Mon, 19 Dec 2022 13:26:50 GMT
last-modified: Mon, 19 Dec 2022 12:56:50 GMT
link: <https://nordvpn.com/>; rel=shortlink
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: front-au-web-2

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77c04cec7cd1aaf6-SYD
date: Mon, 19 Dec 2022 12:56:50 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://nordvpn.com?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 127 KB
40 KB 627ms
224ms Script
application/javascript 13.33.90.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.90.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-90-60.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:09 GMT
content-encoding: br
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 09:55:03 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 39
etag: W/"ffc4627ad2b2865dc2d4d24f7ebad9f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: gHuyB7g4qrJXq0-jooHIzIekiUccXDszR97HXOQDO4njK8ljgOgQHg==

HEAD
H3 200 coolrom.js
spn-v1.revampcdn.com/publishers/ 0
0 205ms
101ms Fetch
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.933.0
date: Mon, 19 Dec 2022 12:56:47 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 16361
x-cache: HIT, HIT
x-envoy-upstream-service-time: 716
x-region: NSW
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49543
x-request-id: 22b8bbc4-a7c0-4f8b-930b-c962b5533466
x-served-by: cache-ams21023-AMS, cache-syd10145-SYD
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671454608.770650,VS0,VE1
etag: W/"cdd7dbdb0f5702d0ee794452b56f45ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: AU
x-cache-hits: 45, 1

GET
H2 200 aax.js
c.aaxads.com/ 485 KB
137 KB 358ms
150ms Script
text/javascript 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=coolrom.com.au&ver=1.2

Requested by

Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:47 GMT
strict-transport-security: max-age=604800
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=1800
cf-ray: 77c04ce35f83a7ff-SYD
expires: Mon, 19 Dec 2022 13:26:47 GMT

POST
H/1.1 200 691.json
id5-sync.com/g/v2/ 494 B
1 KB 1152ms
382ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/691.json

Requested by

Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://coolrom.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 12:56:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 580ms
193ms Script
text/javascript 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3213938-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 12:42:33 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 855
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 14:42:33 GMT

POST adreq
ads.servenobid.com/ 0
0

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
115 B 941ms
312ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://coolrom.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://coolrom.com.au
date: Mon, 19 Dec 2022 12:56:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 495ms
193ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Dec 2023 18:04:57 GMT

GET
H3 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 386 B
179 B 583ms
196ms XHR
application/json 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154
x-xss-protection: 0
expires: Mon, 19 Dec 2022 12:56:48 GMT

GET
H2 200 aacxs.php
c.aaxads.com/ Frame 061A 26 KB
10 KB 339ms
339ms Document
text/html 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=292%2C195%2C250%2C213%2C97%2C361%2C368%2C209%2C23%2C369%2C348%2C206%2C353%2C282%2C241%2C263%2C267%2C203%2C272%2C159%2C264%2C265%2C89%2C29%2C291%2C271%2C371%2C310%2C219%2C367%2C3004%2C229%2C251%2C231%2C356%2C380%2C167%2C249&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=coolrom.com.au&ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 77c04ce5f979a7ff-SYD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 12:56:48 GMT
expires: Wed, 21 Dec 2022 12:56:48 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: cloudflare
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
223 B 106ms
105ms Image
image/gif 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 19 Dec 2022 12:56:48 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: cloudflare
age: 505747
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=1080823
accept-ranges: bytes
cf-ray: 77c04ce5f97ba7ff-SYD
content-length: 43
expires: Mon, 26 Dec 2022 04:41:24 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 756ms
243ms Image
image/gif 104.84.162.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.162.5 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-162-5.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 12:56:48 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=471890
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 25 Dec 2022 00:01:38 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
205 B 494ms
193ms XHR
text/plain 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1181226364&t=pageview&_s=1&dl=https%3A%2F%2Fcoolrom.com.au%2Froms%2Fpsx%2F67660%2FGrandia_(Europe)_(Disc_1).php&ul=en-us&de=UTF-8&dt=Grandia%20(Europe)%20(Disc%201)%20ROM%20(ISO)%20Sony%20Playstation%20%2F%20PSX%20-%20CoolROM.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=50199016&gjid=533091766&cid=1188337091.1671454608&tid=UA-3213938-1&_gid=1056162096.1671454608&_r=1&gtm=2oubu0&z=963851821

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coolrom.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 86F3 411 B
738 B 610ms
197ms Document
text/html 216.130.169.24
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=64583&r=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dnat%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3D%7BUID%7D
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=292%2C195%2C250%2C213%2C97%2C361%2C368%2C209%2C23%2C369%2C348%2C206%2C353%2C282%2C241%2C263%2C267%2C203%2C272%2C159%2C264%2C265%2C89%2C29%2C291%2C271%2C371%2C310%2C219%2C367%2C3004%2C229%2C251%2C231%2C356%2C380%2C167%2C249&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 411
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 12:56:49 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C58 16 KB
6 KB 605ms
199ms Document
text/html 23.58.140.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3DPM_UID
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=292%2C195%2C250%2C213%2C97%2C361%2C368%2C209%2C23%2C369%2C348%2C206%2C353%2C282%2C241%2C263%2C267%2C203%2C272%2C159%2C264%2C265%2C89%2C29%2C291%2C271%2C371%2C310%2C219%2C367%2C3004%2C229%2C251%2C231%2C356%2C380%2C167%2C249&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.58.140.202 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-140-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=46533
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Tue, 20 Dec 2022 01:52:22 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 checksync.php
hbx.media.net/ Frame CEE0 27 KB
10 KB 810ms
408ms Document
text/html 23.199.241.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXXX4L07&cmode=1&cv=35&prvid=29,97,109,251&gdpr=0&gdprconsent=0&usp_status=0&usp_consent=1&https=1

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=292%2C195%2C250%2C213%2C97%2C361%2C368%2C209%2C23%2C369%2C348%2C206%2C353%2C282%2C241%2C263%2C267%2C203%2C272%2C159%2C264%2C265%2C89%2C29%2C291%2C271%2C371%2C310%2C219%2C367%2C3004%2C229%2C251%2C231%2C356%2C380%2C167%2C249&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.241.50 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-241-50.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9717
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Wed, 21 Dec 2022 12:56:49 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2

200

aacxc.php
c.aaxads.com/ Frame 061A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dapx%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fc.aaxads.com%252Faacxc.php%253Ffv%253D1%2526yvlg%253D3144562086830941000V10%2526wbsh%253Dapx%2526uhiXuo%253D%2526ylg%253D1454608629314456...
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=apx&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=8751035448487413941

69 B
220 B

119ms
119ms

Image
image/gif

104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=apx&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=8751035448487413941

Requested by

Protocol

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:49 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
cf-ray: 77c04ceed907a7ff-SYD
content-length: 69
x-mnet-hl2: E
expires: Mon, 19 Dec 2022 12:56:49 GMT

Redirect headers

Date: Mon, 19 Dec 2022 12:56:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.117; 173.245.209.117; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9e90441f-103f-4607-bc77-dac16d3e86c3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=apx&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=8751035448487413941
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

aacxc.php
c.aaxads.com/ Frame 061A
Redirect Chain

https://ads.yieldmo.com/pbsync?is=aax&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dyld%26uhiXuo%3D%26ylg%3D14...
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=yld&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=g43600b14b883b51902d&gdpr=&gdpr_consent=&us_privacy=

69 B
220 B

118ms
118ms

Image
image/gif

104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=yld&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=g43600b14b883b51902d&gdpr=&gdpr_consent=&us_privacy=

Requested by

Protocol

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:49 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
cf-ray: 77c04cec4f38a7ff-SYD
content-length: 69
x-mnet-hl2: E
expires: Mon, 19 Dec 2022 12:56:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:49 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=yld&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=g43600b14b883b51902d&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

aacxc.php
c.aaxads.com/ Frame 061A
Redirect Chain

https://us.ck-ie.com/aax936.gif?gdpr={$GDPR}&gdpr_consent={$GDPRConsent}&us_privacy={$USPrivacy}&coppa={$COPPA}&redir={$REDIR}
https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=b638fed6bc61e1ebbf4a57f76a0cf7f5c117ca7b02f3e5d385ee607d66ecd393

69 B
251 B

113ms
113ms

Image
image/gif

104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=b638fed6bc61e1ebbf4a57f76a0cf7f5c117ca7b02f3e5d385ee607d66ecd393

Requested by

Protocol

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:49 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
cf-ray: 77c04cee48a0a7ff-SYD
content-length: 69
x-mnet-hl2: E
expires: Mon, 19 Dec 2022 12:56:49 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 12:56:49 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=b638fed6bc61e1ebbf4a57f76a0cf7f5c117ca7b02f3e5d385ee607d66ecd393
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 integrator.js
adservice.google.com.au/adsid/ 107 B
792 B 590ms
194ms Script
application/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 107 B
549 B 587ms
197ms Script
application/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 98 KB
30 KB 638ms
638ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=174596903661799&correlator=2828415784691301&eid=31070873%2C31071197&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5302%3A22658400375%2CTD-desktop%2Ccoolrom%2Ccoolrom-en-defaultpage%2CATF_OOP_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=1&adks=3462582785&didk=1799906797&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Dgpt-interstitial%26type%3DOOP_Display_Interstitial%26hvi%3Dfalse&eri=1&cust_params=personalized%3D1%26ab_upr%3D3%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none&sc=1&cookie_enabled=1&abxe=1&dt=1671454608837&lmt=1671454608&dlt=1671454606335&idt=2465&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcoolrom.com.au%2Froms%2Fpsx%2F67660%2FGrandia_(Europe)_(Disc_1).php&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1188337091.1671454608&ga_sid=1671454609&ga_hid=1181226364&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30405
x-xss-protection: 0
google-lineitem-id: 6064577988
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138398354309
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 265ms
264ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=174596903661799&correlator=1548629191821759&eid=31070873%2C31071197&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5302%3A22658400375%2CTD-desktop%2Ccoolrom%2Ccoolrom-en-defaultpage%2CATF_OOP_SlideIn&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&ifi=2&adks=271163039&didk=3269354892&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Datf-oop-slidein%26type%3Dnative_slidein%26hvi%3Dfalse%26slb_trigger_onscroll%3Dfalse&eri=1&cust_params=personalized%3D1%26ab_upr%3D3%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none&sc=1&cookie_enabled=1&abxe=1&dt=1671454608844&lmt=1671454608&dlt=1671454606335&idt=2465&adxs=-460&adys=1120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcoolrom.com.au%2Froms%2Fpsx%2F67660%2FGrandia_(Europe)_(Disc_1).php&frm=20&vis=1&psz=430x-1&msz=430x-1&fws=516&ohw=454&ga_vid=1188337091.1671454608&ga_sid=1671454609&ga_hid=1181226364&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10303
x-xss-protection: 0
google-lineitem-id: 5686429621
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363502967
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 586ms
586ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=174596903661799&correlator=4378623595548443&eid=31070873%2C31071197&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5302%3A22658400375%2CTD-desktop%2Ccoolrom%2Ccoolrom-en-defaultpage%2CATF_Leaderboard_Sticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x100%7C500x90%7C468x60%7C468x90%7C728x90%7C750x100%7C970x90&ifi=3&adks=2245413831&didk=2753141582&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Dcustom-stickylb%26type%3Dbottom_sticky_leaderboard%26hvi%3Dfalse&eri=1&cust_params=personalized%3D1%26ab_upr%3D3%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none&sc=1&cookie_enabled=1&abxe=1&dt=1671454608847&lmt=1671454608&dlt=1671454606335&idt=2465&adxs=316&adys=2430&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcoolrom.com.au%2Froms%2Fpsx%2F67660%2FGrandia_(Europe)_(Disc_1).php&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1188337091.1671454608&ga_sid=1671454609&ga_hid=1181226364&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10594
x-xss-protection: 0
google-lineitem-id: 5831105967
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370796198
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 592ms
200ms XHR
application/json 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11272
x-xss-protection: 0

GET
H2 200 container.html
19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3289 6 KB
3 KB 592ms
196ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Tue, 19 Dec 2023 12:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022120501.js
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 194ms
193ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Dec 2023 18:53:43 GMT

GET
H/1.1 200
OK log
l3.aaxads.com/ 35 B
296 B 812ms
248ms Image
image/gif 104.84.173.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=808&dgw=desktop&flg=AAXXX4L07&fw=SYDNEY&ff=AU&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=coolrom.com.au&vhuyqdph=ssp-serving-54794f6b58-x5g8d&vyu=121511_501_121410_471_ssp&vf=NSW&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001671454608345029185683099712&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=5&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=NNN&jgsu=0&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=false&xvs_vwulqj=1YN-&xifd=12&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=799&fhqg=22&hqg=42&gvwduw=22&fvwduw=22&vwduw=22&uhtxuo=https%3A%2F%2Fcoolrom.com.au%2Froms%2Fpsx%2F67660%2FGrandia_(Europe)_(Disc_1).php&nzui=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.173.189 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-173-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 12:56:49 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 19 Dec 2022 12:56:49 GMT

GET
H2 200 container.html
19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39B2 6 KB
3 KB 279ms
197ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Tue, 19 Dec 2023 12:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster
image6.pubmatic.com/AdServer/ Frame 9C58 2 KB
3 KB 610ms
201ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48676269&p=158984&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 12:56:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 aacxc.php
c.aaxads.com/ Frame 86F3 69 B
369 B 115ms
115ms Document
image/gif 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=nat&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=A5397852881305038045

Requested by

Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=64583&r=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dnat%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3D%7BUID%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://sync.adkernel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 77c04cec3f2ea7ff-SYD
content-length: 69
content-type: image/gif
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Mon, 19 Dec 2022 12:56:49 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=604800
x-mnet-hl2: E

GET
H2 200 container.html
19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CAB0 6 KB
3 KB 194ms
193ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Tue, 19 Dec 2023 12:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 39B2 24 KB
6 KB 636ms
246ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 05:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Dec 2023 05:22:59 GMT

GET
H2 200 13269334533242779079
tpc.googlesyndication.com/simgad/ Frame 39B2 1 KB
2 KB 626ms
236ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13269334533242779079?

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 11:19:19 GMT
x-content-type-options: nosniff
age: 178650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1430
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 08:47:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 11:19:19 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39B2 0
0

GET

usync.html
eus.rubiconproject.com/ Frame 77C7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

0
0

GET

sync
x.bidswitch.net/ul_cb/ Frame CEE0
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1

0
0

GET

cksync.php
contextual.media.net/ Frame CEE0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f0a237bf-56f3-4e8f-9a12-d99827431513

0
0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 823ms
447ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 12:56:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3A85 4 KB
1 KB 584ms
194ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 12:54:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 12:56:50 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A85 205 B
296 B 584ms
194ms Image
image/png 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:54:07 GMT
x-content-type-options: nosniff
age: 144163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Dec 2023 20:54:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A85 604 B
1 KB 583ms
193ms Image
image/png 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 14:42:01 GMT
x-content-type-options: nosniff
age: 166489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Dec 2023 14:42:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 3A85 19 KB
8 KB 415ms
194ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 18:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 18:40:18 GMT

GET
H2 200 ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CAB0 24 KB
7 KB 418ms
213ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 05:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Dec 2023 05:22:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CAB0 4 KB
694 B 557ms
195ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 12:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 12:34:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 12:56:50 GMT

GET
H2 200 12444116532471404824
tpc.googlesyndication.com/simgad/ Frame CAB0 16 KB
16 KB 588ms
385ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12444116532471404824?

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:53:58 GMT
x-content-type-options: nosniff
age: 324171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16235
x-xss-protection: 0
last-modified: Fri, 14 May 2021 07:12:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Dec 2023 18:53:58 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAB0 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 8CB9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:726d63a0-5f92-4f00-9a52-592ba6ad9970&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame F2A1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6BfkgAFLaIxGQAF&gdpr=0&gdpr_consent=&_test=Y6BfkgAFLaIxGQAF

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame FF21
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y8vipflgod7

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 4D7A
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8751035448487413941&gdpr=0&gdpr_consent=

0
0

GET
H2 200 aacxc.php
c.aaxads.com/ Frame A04D 69 B
233 B 124ms
121ms Document
image/gif 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3144562086830941000V10&wbsh=pba&uhiXuo=&ylg=14546086293144562086830941000V10&ryvlg=D757C414-243C-4FC7-8C22-9DA265D0F5C7

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3DPM_UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 77c04cf019f6a7ff-SYD
content-length: 69
content-type: image/gif
date: Mon, 19 Dec 2022 12:56:49 GMT
expires: Mon, 19 Dec 2022 12:56:49 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=604800
x-mnet-hl2: E

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=11fEFCQ8T8eMIp2iZdD1xw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

199ms
199ms

Image
text/html

23.58.140.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3144562086830941000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D14546086293144562086830941000V10%26ryvlg%3DPM_UID
Protocol: H2
Server: 23.58.140.202 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-140-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=46532
accept-ranges: bytes
content-length: 5554
expires: Tue, 20 Dec 2022 01:52:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

check
pixel.tapad.com/idsync/ex/receive/ Frame 9C58
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D757C414-243C-4FC7-8C22-9DA265D0F5C7
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D757C414-243C-4FC7-8C22-9DA265D0F5C7

0
0

GET

qmap
sync.crwdcntrl.net/ Frame 9C58
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D757C414-243C-4FC7-8C22-9DA265D0F5C7&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D757C414-243C-4FC7-8C22-9DA265D0F5C7&gdpr=0&gdpr_consent=&ct=y

0
0

GET

info2
uipglob.semasio.net/pubmatic/1/ Frame 9C58
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D757C414-243C-4FC7-8C22-9DA265D0F5C7&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D757C414-243C-4FC7-8C22-9DA265D0F5C7&sInitiator=external&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 9C58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDc1N0M0MTQtMjQzQy00RkM3LThDMjItOURBMjY1RDBGNUM3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 9C58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOgwAYXnCJZ_6OGPbXMzTY8&google_cver=1

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 9C58
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A71FA6B7FC344611BB51A29C857FAD0C

0
0

GET
H2 200 D757C414-243C-4FC7-8C22-9DA265D0F5C7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9C58 43 B
603 B 608ms
204ms Image
image/gif 13.228.111.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D757C414-243C-4FC7-8C22-9DA265D0F5C7?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.111.128 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-111-128.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 9C58
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5431c02d-c2ab-4da7-b779-1f3465f34fba&gdpr=0&gdpr_consent=

0
0

GET sync
x.bidswitch.net/ Frame 9C58 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAB0 0
0 199ms
198ms Fetch
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlfEeK1lkemKx_yKUpIj1JXmKCg7e33Sw3JR-hhfL77k085iM9TqV3THOJoZUeKj0RF7b5nFc8pln0_gEi8otOYA2qeRkF3CtU74kMq-qFhGb64lKa4eOjS6lFeYegtDaMerQ-Kv5Bdu-d-bNq6PbbnLoizY73Mi8NUrEEVmEnINwFnb2S2AVTNz9xeFpjflkAjwB4thWQYE7yQvwJnIBDhtq3UwiQndDQYAEKx96evBTX8aHXF_qoKRWIt_NwFFwuz6ALvC6HH7zAUTHDWwqGjMon8yn0zYXfHYRaCsRTYC4wqlIPKrryCgiGbzCsmflm_cHoLcDxIhbbExyRvgcMaaNZ9sWHSOCLpGbN85zAGFTn6BLtUO0BUKdo9mRjaEo8yRVZ&sai=AMfl-YShW03D61tooSAGsGiwGKaoGiTXdbHL3kVIYS4oF2thY8UF1qaY3lU7_tvJYeGk9kaHgeiT4-qcOBUvG2gG7Vdgw9hMxCB6-O67KJcO2IcPfJnYkftjI3NSz-WWVmf2OhF9T7zwNAXjBPNI6lZ50A&sig=Cg0ArKJSzOL_uLTyVJb8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 12:56:50 GMT

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4B16 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4B16 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B16 0
0

GET 3324320003295263620
tpc.googlesyndication.com/simgad/ Frame 4B16 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CAB0 0
0

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CAB0 0
0

GET
H/1.1 200
OK log
l3.aaxads.com/ 35 B
296 B 249ms
248ms Image
image/gif 104.84.173.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=25bccp7ihn5fs6949k6cjst5iltv5zda4r85fx7&lwbsh=AAX&wHos=2025&dgw=desktop&flg=AAXXX4L07&fw=SYDNEY&ff=AU&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=coolrom.com.au&vhuyqdph=ssp-serving-54794f6b58-x5g8d&vyu=121511_501_121410_471_ssp&vf=NSW&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001671454608345029185683099712&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=5&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=NNN&jgsu=0&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=false&xvs_vwulqj=1YN-&xifd=12&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&vlg=atf-oop-slidein&gvlg=%2F5302%2C22658400375%2FTD-desktop%2Fcoolrom%2Fcoolrom-en-defaultpage%2FATF_OOP_SlideIn_0&vcv=&ws=pos%3Dtop%7CcountryCluster%3DA2%7Ctd-slot%3Datf-oop-slidein%7Ctype%3Dnative_slidein%7Chvi%3Dfalse%7Cslb_trigger_onscroll%3Dfalse&odwh=1&vuw=-1&oco=1&wrs=1120&ewp=1120&oiw=-460&ujkw=-30&oshu=1&vlg=gpt_unit_%2F5302%2C22658400375%2FTD-desktop%2Fcoolrom%2Fcoolrom-en-defaultpage%2FATF_OOP_Interstitial_0&gvlg=%2F5302%2C22658400375%2FTD-desktop%2Fcoolrom%2Fcoolrom-en-defaultpage%2FATF_OOP_Interstitial_0&vcv=1x1&ws=pos%3Dtop%7CcountryCluster%3DA2%7Ctd-slot%3Dgpt-interstitial%7Ctype%3DOOP_Display_Interstitial%7Chvi%3Dfalse&odwh=1&vuw=-1&oco=1&wrs=&ewp=&oiw=&ujkw=&oshu=1&vlg=custom-stickylb&gvlg=%2F5302%2C22658400375%2FTD-desktop%2Fcoolrom%2Fcoolrom-en-defaultpage%2FATF_Leaderboard_Sticky_0&vcv=970x100%7C500x90%7C468x60%7C468x90%7C728x90%7C750x100%7C970x90&ws=pos%3Dtop%7CcountryCluster%3DA2%7Ctd-slot%3Dcustom-stickylb%7Ctype%3Dbottom_sticky_leaderboard%7Chvi%3Dfalse&odwh=1&vuw=-1&oco=1&wrs=2430&ewp=2430&oiw=316&ujkw=1286&oshu=1&uhtxuo=https%3A%2F%2Fcoolrom.com.au%2Froms%2Fpsx%2F67660%2FGrandia_(Europe)_(Disc_1).php&nzui=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.173.189 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-173-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 12:56:50 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 19 Dec 2022 12:56:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 39B2 0
0 198ms
197ms Fetch
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvxUaEE3etg_U2dPZx-leA2Djg2qlUUG90DtglnOdqGRxodjrZORcdqxOCER0d2RPzIO4ouK1WXqA_IOvthQTRy3Fb2QMuoeUm6SV5st2DlI4CzRN8mVkWNDXKOpbqH8xAgfRWtng9nxHMy4Rk6B1SGvNw7DzuqUUOJk5Ru7WbkWZ9--ngkyudyuBEtl358-eOwq4RlSWkqGOGu32NRvassk0vLcFraaTHJ1bXoGDpwMadi9Caw-_YBP-lwCB-J37Z9G1f5-rcHqbPFEH0MdDOc_IYLDwtEmHB263dDXMGosMWGyccwFyathoQnMhoehR-C1qFnlC_Ry33K7mCJUAwCt1yCqngCJllcUJYJj8wFeAKr7xz4tjZ_Av1mx8&sai=AMfl-YRl60IyhE6zg3C1fT86UWTax2vzeqBjPf5LpuqoZoEBh_o6mMCRNHMYhQB6zhPSN50xKbLWnAmMdAuuQwyGxM3GrUzSR0c5CqlRvKITjkCH3QhhBqmW4lKsSkeO-JwSmwTchChyVqzHR0Gb8nK2Sw&sig=Cg0ArKJSzMhJwPhyLwv1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
URL: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 12:56:50 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A24 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame 3A4C 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
69 KB 496ms
194ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c0b91f669e03de054addc2f2a15f5615d94c10ef51acf62bc08467995fb5fece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 12:56:51 GMT

GET
H2 200 ga-set-dimensions.min.js Show response
s1.nordcdn.com/nordvpn/3.887.6/js/ 4 KB
2 KB 452ms
234ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.887.6/js/ga-set-dimensions.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:51:46 GMT
server: cloudflare
age: 2221
etag: W/"62cc2af2-fa1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e30aad7-SYD

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
98 KB 641ms
340ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d940df69a67b54b79c79434d7fbfd7423d6decdc03fdeda94dd958093e625a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99719
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 12:56:51 GMT

GET
DATA 200
OK truncated
/ 240 B
240 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 en-woff2.css Show response
s1.nordcdn.com/nord/misc/0.53.0/common/fonts/ 158 KB
119 KB 319ms
109ms XHR
text/css 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nord/misc/0.53.0/common/fonts/en-woff2.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Sep 2022 08:49:27 GMT
server: cloudflare
age: 2198
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400
cf-ray: 77c04cf698aaa971-SYD
expires: Fri, 23 Jun 2023 12:56:50 GMT

GET
H2 200 base.css
s1.nordcdn.com/nordvpn/3.942.0/css/ 98 KB
18 KB 414ms
215ms Stylesheet
text/css 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.942.0/css/base.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1c0dca5a0594f0358c4aacbd4e5d9ece3717414892fc9bd496c95dbb6d6ea68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 14:11:45 GMT
server: cloudflare
age: 2220
etag: W/"63909f21-1899a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d90aad7-SYD

GET
H2 200 /
cm.nordvpn.com/ 0
58 B 363ms
358ms Image
text/plain 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/?id=36203e2b-0634-44e5-90dc-394ee5fe66ea

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77c04cf55b9baaf6-SYD
content-length: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 chevrons-right.svg
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 178 B
241 B 430ms
235ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-right.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 2221
etag: W/"639b02f0-b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e31aad7-SYD

GET
H2 200 chevrons-left.svg
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 183 B
217 B 430ms
235ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-left.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 2221
etag: W/"639b02f0-b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e34aad7-SYD

GET
H2 200 bg-christmas-campaign-chimney-lg.webp
s1.nordcdn.com/nordvpn/media/1.1758.0/images/campaigns/christmas-campaign/ 61 KB
62 KB 290ms
107ms Image
image/webp 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1758.0/images/campaigns/christmas-campaign/bg-christmas-campaign-chimney-lg.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c653e441ae1cfe405cd2c68b389bf7d6927b55409dfa1264bf56154b20f8e637

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Sat, 26 Nov 2022 13:29:17 GMT
server: cloudflare
age: 1880
etag: "638214ad-f55c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77c04cf69d91aad7-SYD
content-length: 62812

GET
H2 200 checkbox-tick.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 176 B
210 B 338ms
215ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1884
etag: W/"638f59ef-b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d95aad7-SYD

GET
H2 200 success.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 209 B
255 B 356ms
233ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/success.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1885
etag: W/"638f59ef-d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e2eaad7-SYD

GET
H2 200 wired-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 3 KB
1 KB 338ms
216ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/wired-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acc7761130881ec8bc4031fa28505d071d1c6c6f65fe1ea2490b4e5139db63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1884
etag: W/"638f59ef-a48"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d99aad7-SYD

GET
H2 200 huffpost-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 2 KB
1 KB 339ms
216ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/huffpost-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87f46055339523542d49302a1f7665e2e217654516f0681f963c375249f3107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1884
etag: W/"638f59ef-77c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d98aad7-SYD

GET
H2 200 buzzfeed-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 3 KB
2 KB 357ms
234ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/buzzfeed-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc12bc907c10f796a3d4a2cfcf5715ccd6498f80322d22e94c67ed2731b9988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1885
etag: W/"638f59ef-d11"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e2faad7-SYD

GET
H2 200 forbes-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 5 KB
2 KB 339ms
216ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/forbes-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867285c239048863ae0da1e8ad72376c7494cdad435b2ca3f37a5dd38fa4fdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1884
etag: W/"638f59ef-123b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d9aaad7-SYD

GET
H2 200 tedx-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 586 B
450 B 356ms
234ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/tedx-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac14e2aa10fadd38fa180ceac3e55e5f2c849035b1fa5c021f0b98d1c6856fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1885
etag: W/"638f59ef-24a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e2baad7-SYD

GET
H2 200 bbc-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 1 KB
629 B 337ms
215ms Image
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/bbc-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

488f6c8d07cf99844634c770d5ceb7306403f42fad6132e34388c71b1d795cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1884
etag: W/"638f59ef-477"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d94aad7-SYD

GET
H2 200 hero-gift-moon-christmas_thumb_blur.webp
s1.nordcdn.com/nordvpn/media/1.1752.0/images/campaigns/christmas-campaign/ 858 B
962 B 223ms
222ms Image
image/webp 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1752.0/images/campaigns/christmas-campaign/hero-gift-moon-christmas_thumb_blur.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04ee7b0722e25032ba99c6394208520439cb04115a421b6294d6d27235cf92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 17:01:55 GMT
server: cloudflare
age: 1881
etag: "637baf03-35a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77c04cf72e37aad7-SYD
content-length: 858

GET
H2 200 unsupported-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.816.0/js/ 1 KB
650 B 224ms
223ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.816.0/js/unsupported-fallback.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jan 2022 12:16:13 GMT
server: cloudflare
age: 2222
etag: W/"61e8010d-465"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e38aad7-SYD

GET
H2 200 lazyload.min.js Show response
s1.nordcdn.com/nordvpn/3.683.0/js/ 10 KB
5 KB 224ms
223ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.683.0/js/lazyload.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Mar 2021 14:28:00 GMT
server: cloudflare
age: 2221
etag: W/"605b4c70-29e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e39aad7-SYD

GET
H2 200 countdown.min.js Show response
s1.nordcdn.com/nordvpn/3.863.0/js/ 12 KB
4 KB 224ms
223ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.863.0/js/countdown.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62ae4c89743dc201c7f1bbf696700979e3aa721960ec38ac7bb87e9873f965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 16:14:24 GMT
server: cloudflare
age: 2222
etag: W/"62866ce0-309a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e3aaad7-SYD

GET
H2 200 status-bar.min.js Show response
s1.nordcdn.com/nordvpn/3.906.1/js/ 11 KB
3 KB 225ms
224ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.906.1/js/status-bar.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87194192f69885b261d6b17e2d47ed02b53699ca07a5b2665a5a16af163a43dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 07:49:36 GMT
server: cloudflare
age: 2221
etag: W/"63048690-2af9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e3baad7-SYD

GET
H2 200 experiments-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.837.0/js/ 4 KB
2 KB 225ms
224ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.837.0/js/experiments-fallback.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 08:28:33 GMT
server: cloudflare
age: 2221
etag: W/"62383731-eb5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e3caad7-SYD

GET
H2 200 jquery.min.js Show response
s1.nordcdn.com/jquery/1.12.4/ 95 KB
34 KB 327ms
216ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Mar 2018 12:23:25 GMT
server: cloudflare
age: 2220
etag: W/"5abb893d-17b8b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf69d97aad7-SYD

GET
H2 200 scripts.min.js Show response
nordvpn.com/wp-content/plugins/cookie-consent-plugin/public/1619784219/ 572 B
395 B 120ms
119ms Script
application/javascript 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/cookie-consent-plugin/public/1619784219/scripts.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da530a104b6893598eb6e371298797593b69711fee880fb839ed0a813cdfb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:21:42 GMT
server: cloudflare
age: 1444
etag: W/"608bf656-23c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-generator: front-au-web-2
cache-control: public, max-age=2678400
cf-ray: 77c04cf5ec13aaf6-SYD
expires: Thu, 19 Jan 2023 12:56:50 GMT

GET
H2 200 compiled.min.js Show response
nordvpn.com/wp-content/plugins/popups-plugin/dist/ 30 KB
10 KB 114ms
113ms Script
application/javascript 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/popups-plugin/dist/compiled.min.js?ver=3.7.1

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d4ebe6d5ef019f6c751f2445c28d8b0a27510ecf0d949aec8857af1fbe9cbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 06:43:17 GMT
server: cloudflare
age: 2038
etag: W/"6358d705-7907"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-generator: front-au-web-1
cache-control: public, max-age=2678400
cf-ray: 77c04cf5ec14aaf6-SYD
expires: Thu, 19 Jan 2023 12:56:50 GMT

GET
H2 200 base.min.js Show response
s1.nordcdn.com/nordvpn/3.942.0/js/ 183 KB
47 KB 225ms
223ms Script
application/javascript 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43392d85def22d0195575d75fa1e538e7669c70a20736ffd49db162a36362c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 14:11:45 GMT
server: cloudflare
age: 2221
etag: W/"63909f21-2dcfa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf72e36aad7-SYD

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b371c18f48e2a0fcde36d514967fc00f4373eb78473fea3d61da38626bbcc09e

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09781b5bb4f268166f145ba7ec217e639631ac75bc952de5e6293cf14327925c

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8ffbee1e4f7d9ae71e33629c1d60288ad2e600ddccfe28acc7c4b0a94a14dbd

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 chevrons-right.svg Show response
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 178 B
218 B 109ms
108ms Fetch
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-right.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 2198
etag: W/"639b02f0-b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf94a83a971-SYD

GET
H2 200 chevrons-left.svg Show response
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 183 B
302 B 108ms
107ms Fetch
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-left.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 2198
etag: W/"639b02f0-b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf94a84a971-SYD

GET
H2 200 checkbox-tick.svg Show response
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 176 B
214 B 110ms
109ms Fetch
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1863
etag: W/"638f59ef-b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf94a85a971-SYD

GET
H2 200 success.svg Show response
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 209 B
255 B 109ms
109ms Fetch
image/svg+xml 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/success.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2188
etag: W/"638f59ef-d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77c04cf94a86a971-SYD

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 169 B
350 B 209ms
208ms XHR
application/json 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?resolution=1600&currentUrl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&action=pop_get_relative_popup

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b375ccb5b3e41f34931c4a693a75793d387d279bcbad18d42cbbbb1f3066fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-au-web-3
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 77c04cf9aef9aaf6-SYD
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 336 B
300 B 201ms
200ms XHR
application/json 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.906.1/js/status-bar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ce900a0f252f6e78201d02186351f344f3b9c9e6a72f98a07bfe909332fff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-au-web-3
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 77c04cf9cf07aaf6-SYD
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 threat-protection-screenshot-man-phone.webp
s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/ 18 KB
18 KB 115ms
114ms Image
image/webp 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/threat-protection-screenshot-man-phone.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8600c55ec86fce2330eb58c66dcc2d7c6798cc474ef964e79c027d93e3fcddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 16:39:37 GMT
server: cloudflare
age: 1506
etag: "638635c9-484a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77c04cf9d877aad7-SYD
content-length: 18506

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 194ms
194ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

143bdb1b3dda6f5edfe42c7e3ce667ec8a6988ce3b3273b87cf1483f5795dce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 12:56:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 275ms
274ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

328ba97de26d9b622d897091f32600e66b3f034884959dee1572794a8aacc979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43663
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 12:56:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/ 2 KB
1 KB 612ms
223ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/?random=1671454611619&cv=11&fst=1671454611619&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&auid=563421579.1671454612&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

3fa221cc66f33e4f74451f84e6bd84c36c7b3e0e505d398d8cb82b63ae167d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 981
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 safe-connecion-laptop-man-auto-connent.webp
s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/ 18 KB
19 KB 115ms
114ms Image
image/webp 104.17.168.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/safe-connecion-laptop-man-auto-connent.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.168.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d049fbd7122bbfdd759053f1f53f28a1e6fb96f1495d643aa064f1fb8edc0268

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 16:39:37 GMT
server: cloudflare
age: 1500
etag: "638635c9-49b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77c04cfb2989aad7-SYD
content-length: 18866

POST
H2 200 collect
cm.nordvpn.com/g/ 0
41 B 365ms
363ms Ping
text/plain 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=2oebu0&_p=525942462&_gaz=1&cid=1635888429.1671454612&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&cu=USD&sid=1671454611&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&en=status_bar_loaded&_fv=1&_nsi=1&_ss=2&_ee=1&ep.page_lang=EN&ep.countdown=active&epn.countdown_remaining=34762937&ep.consent_status=ignored&ep.status=unprotected&ep.product=nordvpn

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77c04cfb3818aaf6-SYD
content-length: 0

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
165 B 195ms
193ms Ping
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LEXMJ1N516&cid=1635888429.1671454612&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 587ms
199ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LEXMJ1N516&cid=1635888429.1671454612&gtm=2oebu0&aip=1&z=135795949

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 193ms
193ms Script
text/javascript 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 12:42:33 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 858
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 14:42:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 193ms
193ms XHR
text/plain 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=525942462&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1895824045&gjid=943469897&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&_r=1&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&z=1514166497

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
cm.nordvpn.com/j/ 35 B
237 B 381ms
381ms XHR
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/j/collect?v=1&_v=j98&a=525942462&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YKDACUABBAAAACAAMI~&jid=486378746&gjid=1470735834&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&_r=1&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&z=1928211113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77c04cfe3ac6aaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 193ms
193ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=2020689372

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 194ms
193ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Status%20Bar%20%2F%20Unprotected&el=Loaded&ev=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=1361161551

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
169 B 359ms
358ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YKDACUABBAAAACAAMI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=1208760531

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04cfe3acdaaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 402ms
401ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Status%20Bar%20%2F%20Unprotected&el=Loaded&ev=0&_u=YKDACUABBAAAACAAMI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=1440814443

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04cfe3acfaaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/950534254/ 42 B
548 B 203ms
202ms Image
image/gif 172.217.194.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950534254/?random=1671454611619&cv=11&fst=1671451200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&fmt=3&is_vtc=1&random=3847468859&rmt_tld=0&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/950534254/ 42 B
154 B 201ms
201ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/950534254/?random=1671454611619&cv=11&fst=1671451200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&fmt=3&is_vtc=1&random=3847468859&rmt_tld=1&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
29 B 194ms
194ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42858496-1&cid=1635888429.1671454612&jid=1895824045&gjid=943469897&_gid=1611929739.1671454612&_u=YADAAUAAAAAAACAAI~&z=646022364

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 12:56:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 500ms
199ms Image
image/gif 172.217.194.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1635888429.1671454612&jid=1895824045&_u=YADAAUAAAAAAACAAI~&z=1202493874

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 501ms
200ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1635888429.1671454612&jid=1895824045&_u=YADAAUAAAAAAACAAI~&z=1202493874

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 193ms
193ms Script
text/javascript 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 19 Dec 2022 13:40:22 GMT

GET
H2

200

activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%... Show response
12123059.fls.doubleclick.net/ Frame 4A01
Redirect Chain

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffilia...
https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnor...

1 KB
714 B

507ms
205ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

ea7bd06e5e9bacd7fcd7e6cd09af154a38195c2413e7c80eb2f271e44406132a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 604
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 12:56:54 GMT
expires: Mon, 19 Dec 2022 12:56:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 12:56:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
29 B 194ms
193ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42858496-1&cid=1635888429.1671454612&jid=1856207917&gjid=875512925&_gid=1611929739.1671454612&_u=aKDAiUAjBAAAAGAEOI~&z=823965911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 12:56:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 193ms
193ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Load%20time&ea=Loaded&el=%2Fen%2Fhome-lazyload-2-2%2F%20-%20fromDL&ev=2314&_u=aKDAiUAjBAAAACAEOI~&jid=1856207917&gjid=875512925&cid=1635888429.1671454612&uid=&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2wgbu0WX5CH8&cd10=&cd20=1671454613029.7mf03s4&cd21=2022-12-19T12%3A56%3A53.29%2B00%3A00&cd22=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd48=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYyMDAzMDEwN1dpbjMyODMxMjAwMTYwMA%3D%3D&cd19=1635888429.1671454612&z=625678144

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 198ms
192ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=USD&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=427108718

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
112 B 877ms
870ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=USD&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=5684715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04d05284baaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 200ms
195ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=759068176

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 372ms
365ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=2046950131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04d05284caaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 200ms
196ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=5&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=1919884942

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 371ms
365ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=5&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=445388295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04d05284eaaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 199ms
195ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=6&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=122430077

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 383ms
378ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=6&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=720606714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04d052850aaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 200ms
196ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=7&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=active&cd46=Active&z=750740607

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 369ms
364ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=1&_s=7&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=2129607016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04d052851aaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 200ms
196ms Image
image/gif 172.253.118.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=525942462&t=event&ni=0&_s=8&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated.10&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1635888429.1671454612&tid=UA-42858496-1&_gid=1611929739.1671454612&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=1307520819

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
112 B 367ms
363ms Image
image/gif 104.17.50.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=525942462&t=event&ni=0&_s=8&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated.10&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=36203e2b-0634-44e5-90dc-394ee5fe66ea&tid=UA-42858496-52&_gid=741726866.1671454612&_fplc=0&gtm=2oubu0&cd7=77c04cf27208aaf6-SYD&cd8=1671454611&cd40=Active&cd46=Active&z=1958456194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.50.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77c04d052853aaf6-SYD
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 199ms
198ms Image
image/gif 172.217.194.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1635888429.1671454612&jid=1856207917&_u=aKDAiUAjBAAAAGAEOI~&z=1152345987

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 200ms
199ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1635888429.1671454612&jid=1856207917&_u=aKDAiUAjBAAAAGAEOI~&z=1152345987

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/26275;132023;14586/ Frame 4A01 42 B
342 B 819ms
301ms Image
image/gif 23.76.212.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/spot/1/26275;132023;14586/?spotName=Retargeting_Event_Snippet&cachebuster=1881075703

Requested by

Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.76.212.222 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-76-212-222.deploy.static.akamaitechnologies.com

Software

prod-xre-app4.tky11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 12:56:54 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app4.tky11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Mon, 19 Dec 2022 12:56:54 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 4A01 4 KB
2 KB 709ms
200ms Script
application/x-javascript 13.33.90.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=563421579.1671454612;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-90-128.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 17:08:12 GMT
Content-Encoding: gzip
Via: 1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 71323
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: kQulC7-WRT9Gc5KUE7QUDdu8H3qIoB1Fm0Hxp2IAuU9ApWY6K5rB8w==

GET

rum
dsum-sec.casalemedia.com/ Frame 4A01
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=cyfpmts&ct=0:jf8p7o8&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5431c02d-c2ab-4da7-b779-1f3465f34fba&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTQzMWMwMmQtYzJhYi00ZGE3LWI3NzktMWYzNDY1ZjM0ZmJh&gdpr=0&gdpr_consent=&ttd_tdid=5431c02d-c2ab-4da7-b779-1f346...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5431c02d-c2ab-4da7-b779-1f3465f34fba&google_gid=CAESEDKEG9rtxD4qCuyLJjtsVq8&google_cver=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5431c02d-c2ab-4da7-b779-1f3465f34fba&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-b026NvVE2uISstsmefxnXFDLmsKNbng-~A&gdpr=0&gdpr_consent=
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=5431c02d-c2ab-4da7-b779-1f3465f34fba&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5431c02d-c2ab-4da7-b779-1f3465f34fba&expiration=1674046617&gdpr=0&gdpr_consent=

0
0

GET
H2 200 dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCo...
adservice.google.com/ddm/fls/z/ Frame 4A01 42 B
262 B 545ms
238ms Image
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJrqgNTdhfwCFcMDtwAdKIgD5g;src=12123059;type=retar0;cat=purea0;ord=9078655899400;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 12:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/adreq?cb=4624

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f0a237bf-56f3-4e8f-9a12-d99827431513

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:726d63a0-5f92-4f00-9a52-592ba6ad9970&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6BfkgAFLaIxGQAF&gdpr=0&gdpr_consent=&_test=Y6BfkgAFLaIxGQAF

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y8vipflgod7

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8751035448487413941&gdpr=0&gdpr_consent=

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D757C414-243C-4FC7-8C22-9DA265D0F5C7

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D757C414-243C-4FC7-8C22-9DA265D0F5C7&gdpr=0&gdpr_consent=&ct=y

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D757C414-243C-4FC7-8C22-9DA265D0F5C7&sInitiator=external&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOgwAYXnCJZ_6OGPbXMzTY8&google_cver=1

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A71FA6B7FC344611BB51A29C857FAD0C

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5431c02d-c2ab-4da7-b779-1f3465f34fba&gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/3324320003295263620

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5431c02d-c2ab-4da7-b779-1f3465f34fba&expiration=1674046617&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coolrom.com.au/	1970-01-20 09:00:46	Name: lang Value: en
.coolrom.com.au/	1970-01-20 08:21:53	Name: alert Value: 1
coolrom.com.au/	1970-01-20 09:00:46	Name: _pbjs_userid_consent_data Value: 3524755945110770
coolrom.com.au/	1969-12-31 23:59:59	Name: aasd Value: 5%7C1671454608242
.coolrom.com.au/	1970-01-20 17:53:34	Name: _ga Value: GA1.3.1188337091.1671454608
.coolrom.com.au/	1970-01-20 08:19:01	Name: _gid Value: GA1.3.1056162096.1671454608
.coolrom.com.au/	1970-01-20 08:17:34	Name: _gat_gtag_UA_3213938_1 Value: 1
.aaxads.com/	1970-01-20 17:03:10	Name: aax-vsid Value: 3144562086830941000V10
.id5-sync.com/	1970-01-20 10:27:10	Name: id5 Value: e52a655c-4acc-7b0e-af42-8eda8e5609f7#1671454608794#1
coolrom.com.au/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
go.nordvpn.net/	1970-01-20 09:15:10	Name: enc_aff_session_30 Value: ENC035e2685df35777e95c85137916dcbd60693af3b180af2e111abface10fc7579c5598a921231958a3fee9ad76bf5b0e8e0dbb5b3c83614e9c197fcf0e60a6b6cb443f0e28b803aaac27529d086a94d80fd9098b6b0017864225183ec404641a4b33f090fdf345b160972edd9538068dec560f3bfc4401bb21aefe76646fcf0d457a7c29c1cdaed086a2360563203bd4ff6815d798531141e4116714c2bf4c568e3033c5dca
go.nordvpn.net/	1970-01-20 17:53:34	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDgiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1BVSxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.adkernel.com/	1970-01-20 09:00:46	Name: ADKUID Value: A5397852881305038045
.yieldmo.com/	1970-01-20 17:03:10	Name: yieldmo_id Value: g43600b14b883b51902d%7C1671454609172%7C0%7C
.aaxads.com/	1970-01-20 17:03:10	Name: 167AAX Value: A5397852881305038045~~1
.aaxads.com/	1970-01-20 17:03:10	Name: 353AAX Value: g43600b14b883b51902d~~1
.adnxs.com/	1970-01-20 10:27:10	Name: uuid2 Value: 8751035448487413941
.media.net/	1970-01-20 17:03:10	Name: visitor-id Value: 3144562096830904000V10
.us.ck-ie.com/	1970-01-20 08:27:39	Name: CID Value: 419780c83d110082bfbdb912ce43cc025ac1e176
.coolrom.com.au/	1970-01-20 17:39:10	Name: __gads Value: ID=6d6a7f937f142185:T=1671454608:S=ALNI_Mai7ongExXX7-aL0hHWu0_K6PWjZw
.coolrom.com.au/	1970-01-20 17:39:10	Name: __gpi Value: UID=00000b93f4a4d737:T=1671454608:RT=1671454608:S=ALNI_Mau_M9C4-ahWGpTE1L2hERalu7tRg
.aaxads.com/	1970-01-20 17:03:10	Name: 380AAX Value: b638fed6bc61e1ebbf4a57f76a0cf7f5c117ca7b02f3e5d385ee607d66ecd393~~1
.aaxads.com/	1970-01-20 10:25:44	Name: 023AAX Value: 8751035448487413941~~1
.pubmatic.com/	1970-01-20 17:03:10	Name: KADUSERCOOKIE Value: D757C414-243C-4FC7-8C22-9DA265D0F5C7
.pubmatic.com/	1970-01-20 10:27:10	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 10:27:10	Name: DPSync3 Value: 1672617600%3A201_245_226%7C1672012800%3A248
.pubmatic.com/	1970-01-20 10:27:10	Name: SyncRTB3 Value: 1672617600%3A247_13_71_7_54_22_3_220_21%7C1672272000%3A63
.aaxads.com/	1970-01-20 17:01:44	Name: 209AAX Value: D757C414-243C-4FC7-8C22-9DA265D0F5C7~~1
.criteo.com/	1970-01-20 17:39:10	Name: uid Value: f0a237bf-56f3-4e8f-9a12-d99827431513
.adsrvr.org/	1970-01-20 17:03:10	Name: TDID Value: 5431c02d-c2ab-4da7-b779-1f3465f34fba
.nordvpn.com/	1970-01-20 09:00:46	Name: aff_id Value: 29822
.nordvpn.com/	1970-01-20 09:00:46	Name: aff_transaction_id Value: 102ce257e4d5aeefbe437f9c1976c2
.nordvpn.com/	1970-01-20 09:00:46	Name: nordvpn_aff_id Value: 29822
.nordvpn.com/	1970-01-20 09:00:46	Name: nordvpn_aff_transaction_id Value: 102ce257e4d5aeefbe437f9c1976c2
.nordvpn.com/	1970-01-20 08:17:36	Name: __cf_bm Value: 3_0LZ1gD5F8qc.UxwkUEt5u7orOdgSM0yHYSGx4prjw-1671454610-0-AYlSbV3AdKdMhriz3YFviMb3eSEju20zYaq9yEjwYGoYLcb/btONBFZD1oNcBkK33CwxDR3nKZNR7j2f2EwQHoY=
.tapad.com/	1970-01-20 09:43:58	Name: TapAd_TS Value: 1671454610257
.tapad.com/	1970-01-20 09:43:58	Name: TapAd_DID Value: b9c19fc8-eb03-445d-86e6-e5c0998bb562
.everesttech.net/	1970-01-20 17:03:10	Name: everest_g_v2 Value: g_surferid~Y6BfkgAFLaIxGQAF
coolrom.com.au/	1970-01-20 08:17:35	Name: _dd_s Value: rum=0&expire=1671455508430
.ambientdsp.com/	1970-01-20 08:19:01	Name: _aGeoIp Value: AU-Sydney
.ambientdsp.com/	1970-01-20 17:53:34	Name: _aUID Value: y8vipflgod7
.doubleclick.net/	1970-01-20 17:53:34	Name: IDE Value: AHWqTUkOGsvGCk4OpvKN2xoR0xYqotLK-hS_qRtrkQvetI0SFvE6Fh6HKP7JFiLo0Ak
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.yahoo.com/	1970-01-20 17:03:32	Name: A3 Value: d=AQABBJJfoGMCEFSDA_anxCG0vmPqBExNSh4FEgEBAQGxoWOqYwAAAAAA_eMAAA&S=AQAAAl4vHcMK-z0KV8tgmlXf2hs
.mathtag.com/	1970-01-20 17:43:29	Name: uuid Value: 726d63a0-5f92-4f00-9a52-592ba6ad9970
.simpli.fi/	1970-01-20 17:04:37	Name: suid Value: A71FA6B7FC344611BB51A29C857FAD0C
.bidswitch.net/	1970-01-20 17:03:10	Name: tuuid Value: c821f06a-7fee-4cfb-8d3d-0b6512a33f93
.bidswitch.net/	1970-01-20 17:03:10	Name: c Value: 1671454610
.bidswitch.net/	1970-01-20 17:03:10	Name: tuuid_lu Value: 1671454610
.semasio.net/	1970-01-20 17:03:10	Name: SEUNCY Value: 7C11738A48E13DA2
.nordvpn.com/	1970-01-20 17:03:10	Name: locale Value: en
.nordvpn.com/	1970-01-20 17:53:34	Name: nord_countdown Value: 1671489374599
.nordvpn.com/	1970-01-20 17:53:34	Name: nord_countdown_iteration Value: 10
.nordvpn.com/	1970-01-20 17:53:34	Name: nord_countdown_seen Value: 1
.nordvpn.com/	1970-01-20 12:39:39	Name: FirstSession Value: source%3Daff29822%26campaign%3Doff30%26medium%3Daffiliate%26term%3D%26content%3DCoolROM_Alert%26hostname%3Dnordvpn.com%26date%3D20221219%26query%3Dnull
.nordvpn.com/	1970-01-20 12:39:39	Name: CurrentSession Value: source%3Daff29822%26campaign%3Doff30%26medium%3Daffiliate%26term%3D%26content%3DCoolROM_Alert%26hostname%3Dnordvpn.com%26date%3D20221219%26query%3Dnull
.nordvpn.com/	1970-01-20 08:27:39	Name: font-css-en Value: true
.nordvpn.com/	1970-01-20 10:27:10	Name: _gcl_au Value: 1.1.563421579.1671454612
.nordvpn.com/	1970-01-20 17:53:34	Name: _ga Value: GA1.2.1635888429.1671454612
.nordvpn.com/	1970-01-20 08:19:01	Name: _gid Value: GA1.2.1611929739.1671454612
.nordvpn.com/	1970-01-20 08:17:34	Name: _gat_gtag_UA_42858496_1 Value: 1
.nordvpn.com/	1970-01-20 17:53:34	Name: nextbid Value: GA1.2.36203e2b-0634-44e5-90dc-394ee5fe66ea
.nordvpn.com/	1970-01-20 08:19:01	Name: nextbid_gid Value: GA1.2.741726866.1671454612
.nordvpn.com/	1970-01-20 08:17:34	Name: _gat_gtag_UA_42858496_52 Value: 1
.nordvpn.com/	1970-01-20 10:27:10	Name: FPAU Value: 1.1.563421579.1671454612
.nordvpn.com/	1970-01-20 17:53:34	Name: _ga_LEXMJ1N516 Value: GS1.1.1671454611.1.1.1671454613.58.0.0
.nordvpn.com/	1970-01-20 08:17:34	Name: _dc_gtm_UA-42858496-1 Value: 1
.rubiconproject.com/	1970-01-20 17:03:10	Name: khaos Value: LBUSX7BS-1M-E5AV
.rubiconproject.com/	1970-01-20 17:03:10	Name: audit Value: 1\|oD9/znBx7Mt5OMaS4zNp0rKh4r2ShSZFvr1BilBcfCe1Mnm1d2tbLdrTBB1AauQmBmmyWpzkJyMwHTRO1/p4iHX0qfg68IpFQAPcN3ARK85kiN/QdRXRhyiO5fYhc81RSpgXX2wq/NbSeBxMlR0/58t7fgl1w6dNW1wnerHarjrREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.adsrvr.org/	1970-01-20 17:03:10	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiE_pjw0PKwOxAFEhYKB3J1Ymljb24SCwjovcGW0fKwOxAFEhUKBmdvb2dsZRILCOKCu6jR8rA7EAUSGQoKcmlnaHRtZWRpYRILCOKCu6jR8rA7EAUYBSACKAEyCwjotcTD5_KwOxAFQg8iDQgBEgkKBXRpZXIyEAFaB2N5ZnBtdHNgAXIKcmlnaHRtZWRpYQ..

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12123059.fls.doubleclick.net
19ede186b1b37f314926d4f4947999ed.safeframe.googlesyndication.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
ajax.googleapis.com
c.aaxads.com
cm.g.doubleclick.net
cm.nordvpn.com
contextual.media.net
coolrom.com.au
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.nordvpn.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
js.adsrvr.org
l3.aaxads.com
nordvpn.com
pagead2.googlesyndication.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
s1.nordcdn.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
spn-v1.revampcdn.com
stats.g.doubleclick.net
sync.adkernel.com
sync.crwdcntrl.net
tpc.googlesyndication.com
uipglob.semasio.net
us.ck-ie.com
visit.nordvpn.com
www.aaxdetect.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.servenobid.com
contextual.media.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.gstatic.com
image2.pubmatic.com
pixel.tapad.com
simage2.pubmatic.com
sync.crwdcntrl.net
tpc.googlesyndication.com
uipglob.semasio.net
www.google.com
www.googletagservices.com
x.bidswitch.net
103.231.98.193
104.17.168.30
104.17.50.74
104.22.55.232
104.254.150.228
104.84.162.5
104.84.173.189
13.228.111.128
13.33.90.128
13.33.90.60
142.250.4.155
142.250.4.95
142.250.4.97
142.251.10.132
142.251.10.154
142.251.12.149
142.251.12.157
151.101.1.91
162.19.138.120
172.217.194.147
172.217.194.155
172.217.194.94
172.217.194.95
172.253.118.113
172.253.118.94
172.66.43.149
216.130.169.24
23.199.241.50
23.58.140.202
23.76.212.222
52.210.134.198
54.169.66.1
67.199.150.81
74.125.24.132
74.125.24.154
74.125.24.155
8.2.108.175
09781b5bb4f268166f145ba7ec217e639631ac75bc952de5e6293cf14327925c
0ac14e2aa10fadd38fa180ceac3e55e5f2c849035b1fa5c021f0b98d1c6856fd
0acc7761130881ec8bc4031fa28505d071d1c6c6f65fe1ea2490b4e5139db63d
143bdb1b3dda6f5edfe42c7e3ce667ec8a6988ce3b3273b87cf1483f5795dce2
1b375ccb5b3e41f34931c4a693a75793d387d279bcbad18d42cbbbb1f3066fad
2d4ebe6d5ef019f6c751f2445c28d8b0a27510ecf0d949aec8857af1fbe9cbd6
328ba97de26d9b622d897091f32600e66b3f034884959dee1572794a8aacc979
38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4
3fa221cc66f33e4f74451f84e6bd84c36c7b3e0e505d398d8cb82b63ae167d8a
43392d85def22d0195575d75fa1e538e7669c70a20736ffd49db162a36362c40
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
488f6c8d07cf99844634c770d5ceb7306403f42fad6132e34388c71b1d795cc7
61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a
631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6d8116044518d0810f5ba5e77f6aa06b8805b2caf2d83bcb053455800ec7c12d
74d583b7442128b0113182ff1bb5738ac0b1b672cf136cc6a9a9e6fd747fca28
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867285c239048863ae0da1e8ad72376c7494cdad435b2ca3f37a5dd38fa4fdaf
87194192f69885b261d6b17e2d47ed02b53699ca07a5b2665a5a16af163a43dc
8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96043f2902775b9903b1880464403573442b2abcfae52de51771388149f84147
a1c0dca5a0594f0358c4aacbd4e5d9ece3717414892fc9bd496c95dbb6d6ea68
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
a62ae4c89743dc201c7f1bbf696700979e3aa721960ec38ac7bb87e9873f965c
a65075f9e968f2530e7bc2bba36822d3de6194d63a14e8f3c378649f7020ce13
af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321
b371c18f48e2a0fcde36d514967fc00f4373eb78473fea3d61da38626bbcc09e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8ffbee1e4f7d9ae71e33629c1d60288ad2e600ddccfe28acc7c4b0a94a14dbd
ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360
c0b91f669e03de054addc2f2a15f5615d94c10ef51acf62bc08467995fb5fece
c2ce900a0f252f6e78201d02186351f344f3b9c9e6a72f98a07bfe909332fff0
c653e441ae1cfe405cd2c68b389bf7d6927b55409dfa1264bf56154b20f8e637
d049fbd7122bbfdd759053f1f53f28a1e6fb96f1495d643aa064f1fb8edc0268
d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313
d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6
d8600c55ec86fce2330eb58c66dcc2d7c6798cc474ef964e79c027d93e3fcddc
d940df69a67b54b79c79434d7fbfd7423d6decdc03fdeda94dd958093e625a93
da530a104b6893598eb6e371298797593b69711fee880fb839ed0a813cdfb526
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7bd06e5e9bacd7fcd7e6cd09af154a38195c2413e7c80eb2f271e44406132a
edc12bc907c10f796a3d4a2cfcf5715ccd6498f80322d22e94c67ed2731b9988
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04ee7b0722e25032ba99c6394208520439cb04115a421b6294d6d27235cf92c
f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653
f55f07029a3fb464d3ef67a0e9cbfa5bba081d4e79506e2cd620e71fbc69faa6
f87f46055339523542d49302a1f7665e2e217654516f0681f963c375249f3107
f9c88d196e9ff61e257364d7fe0bcb83f22efe74b2259758d333d22358cb2264
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

nordvpn.com Open in urlscan Pro 104.17.50.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

82 %HTTPS

0 %IPv6

34 Domains

52 Subdomains

33 IPs

7 Countries

1695 kBTransfer

4305 kBSize

70 Cookies

28 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordvpn.com Open in urlscan Pro
104.17.50.74 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

82 %
HTTPS

0 %
IPv6

34
Domains

52
Subdomains

33
IPs

7
Countries

1695 kB
Transfer

4305 kB
Size

70
Cookies

171 HTTP transactions
5 data transactions