nordvpn.com Open in urlscan Pro
104.18.230.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ittvpro.com/
Effective URL:
https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Submission: On December 17 via manual (December 17th 2019, 7:15:38 pm UTC) from US

Summary HTTP 111 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 30 domains to perform 111 HTTP transactions. The main IP is 104.18.230.229, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is nordvpn.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 17th 2018. Valid for: 2 years.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.79.79.211 5.79.79.211	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	209.15.13.136 209.15.13.136	13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1)
1 1	108.168.193.184 108.168.193.184	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 2	23.82.9.96 23.82.9.96	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01 - Leaseweb USA)
1 1	2606:4700:30:... 2606:4700:30::681f:5584	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 18	2606:4700:30:... 2606:4700:30::681b:907b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2 5	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	34.98.97.120 34.98.97.120	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	173.192.101.29 173.192.101.29	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 1	54.171.39.37 54.171.39.37	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.17.49.74 104.17.49.74	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	104.18.230.229 104.18.230.229	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:30:... 2606:4700:30::681f:5df0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:828f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
48	2606:4700::68... 2606:4700::6811:a71e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 9	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	34.248.147.20 34.248.147.20	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
111	25

1 5.79.79.211 (Amsterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ittvpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.15.13.136 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)

btpnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.184 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b8.c1.a86c.ip4.static.sl-reverse.com

forwrdnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.82.9.96 (Washington, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)

7lyonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:5584 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.givemeapplink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:30::681b:907b (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.givemethisoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY - Fastly, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.97.120 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 120.97.98.34.bc.googleusercontent.com

gate.baseresults.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.192.101.29 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 1d.65.c0ad.ip4.static.sl-reverse.com

252.securefinds2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.39.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-39-37.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.49.74 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.230.229 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681f:5df0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.cherami-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:828f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

search.searchsafely.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700::6811:a71e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.147.20 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-147-20.eu-west-1.compute.amazonaws.com

collector-3215.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	nordcdn.com s1.nordcdn.com	494 KB
18	givemethisoffer.com 1 redirects www.givemethisoffer.com	49 KB
9	google-analytics.com 2 redirects www.google-analytics.com	48 KB
7	nordvpn.com 1 redirects visit.nordvpn.com nordvpn.com	50 KB
5	google.com 2 redirects www.google.com	1 KB
4	cloudflare.com cdnjs.cloudflare.com	210 KB
3	google.de www.google.de	328 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	122 KB
2	tvsquared.com collector-3215.tvsquared.com	9 KB
2	bing.com bat.bing.com	8 KB
2	cherami-cloud.com www.cherami-cloud.com	651 B
2	btpnative.com 1 redirects btpnative.com	4 KB
1	twitter.com analytics.twitter.com	634 B
1	t.co t.co	449 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	7proof.com 7proof.com	135 B
1	searchsafely.net search.searchsafely.net
1	nordvpn.net 1 redirects go.nordvpn.net	2 KB
1	securefinds2.com 1 redirects 252.securefinds2.com	318 B
1	baseresults.com 1 redirects gate.baseresults.com	242 B
1	sentry-cdn.com browser.sentry-cdn.com	21 KB
1	jquery.com code.jquery.com	30 KB
1	givemeapplink.com 1 redirects www.givemeapplink.com	1 KB
1	7lyonline.com 1 redirects 7lyonline.com	1 KB
1	forwrdnow.com 1 redirects forwrdnow.com	568 B
1	ittvpro.com 1 redirects ittvpro.com	604 B
111	30

	Domain	Requested by
48	s1.nordcdn.com	nordvpn.com s1.nordcdn.com
18	www.givemethisoffer.com	1 redirects btpnative.com www.givemethisoffer.com code.jquery.com
9	www.google-analytics.com	2 redirects nordvpn.com www.google-analytics.com
6	nordvpn.com	www.givemethisoffer.com nordvpn.com s1.nordcdn.com
5	www.google.com	2 redirects www.givemethisoffer.com www.gstatic.com nordvpn.com
4	cdnjs.cloudflare.com	code.jquery.com
3	www.google.de	nordvpn.com
3	fonts.googleapis.com	code.jquery.com nordvpn.com
2	collector-3215.tvsquared.com	btpnative.com nordvpn.com
2	bat.bing.com	btpnative.com nordvpn.com
2	stats.g.doubleclick.net	2 redirects
2	fonts.gstatic.com	nordvpn.com
2	www.cherami-cloud.com
2	btpnative.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	nordvpn.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	nordvpn.com
1	7proof.com
1	search.searchsafely.net	www.givemethisoffer.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
1	252.securefinds2.com	1 redirects
1	gate.baseresults.com	1 redirects
1	www.gstatic.com	www.google.com
1	browser.sentry-cdn.com	www.givemethisoffer.com
1	code.jquery.com	www.givemethisoffer.com
1	www.givemeapplink.com	1 redirects
1	7lyonline.com	1 redirects
1	forwrdnow.com	1 redirects
1	ittvpro.com	1 redirects
111	33

This site contains links to these domains. Also see Links.

Domain
join.nordvpn.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-07` - `2020-08-06`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
www.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-11` - `2020-02-26`	6 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
nordvpn.com DigiCert SHA2 Extended Validation Server CA	`2018-04-17` - `2020-04-15`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
7proof.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-13` - `2021-04-09`	2 years	crt.sh
ssl872525.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-13` - `2020-06-20`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.tvsquared.com COMODO RSA Domain Validation Secure Server CA	`2018-10-23` - `2020-10-22`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Frame ID: B377D8CDC1AE3206FF575999FF4F280E
Requests: 113 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms&co=aHR0cHM6Ly93d3cuZ2l2ZW1ldGhpc29mZmVyLmNvbTo0NDM.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=sq9ikuz06210
Frame ID: FBF3587877B823174E8AD8588C3AAF57
Requests: 1 HTTP requests in this frame

Frame: https://search.searchsafely.net/wim/static/wi/install.php?cid=8502_fid71_lp23.5.dk_wit1576610117&yid=b5pr&clickid=77491682921&vert=privateSearch&days=180&extid=ebpjnjghimiofdlpnmhclanhckablllf&npage=skip&bnp=1&icon=img&res=1200x1600&step=0&extType=dm&endpointUrl=http%3A%2F%2Fwww.safelyonline.net
Frame ID: 32C9DAAB2CE04C5A9279FCB906C119E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ittvpro.com/ HTTP 302
http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFM... Page URL
http://btpnative.com/Redirect/ HTTP 302
http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlnFkESUbGOVobYUp7aBBDBgfSMU3tyux_zXtwEEHRDnjKLP-aljH... HTTP 302
http://7lyonline.com/app/feedclick?p=QV20_SP4vlGUUFHOml0XGyMVpAeiokk6nfCOvd5rmNAuWEs8hw_0m8NnA02f... HTTP 302
http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4z... HTTP 302
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cach... Page URL
https://www.givemethisoffer.com/wim/wi/incog-rdr.php?browserName=Chrome&dkw=ittvpro.com&clickid=77491682921&... HTTP 302
https://gate.baseresults.com/gate/index.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4z... HTTP 302
https://252.securefinds2.com/adServe/aff?pid=355940&oid=329656&ap1=8502 HTTP 302
https://go.nordvpn.net/aff_c?offer_id=18&aff_id=3929&url_id=904&aff_sub=8502 HTTP 302
https://visit.nordvpn.com/?offer_id=18&aff_id=3929&aff_transaction_id=1029e5ac54a9bd1a7d0b4fac8bb205&s... HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&u... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

111
Requests

99 %
HTTPS

53 %
IPv6

30
Domains

33
Subdomains

25
IPs

6
Countries

1219 kB
Transfer

2515 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://join.nordvpn.com/en/order/
Title: Unprotected

Search URL Search Domain Scan URL

URL: https://join.nordvpn.com/order/
Title: Save 80% Now

Search URL Search Domain Scan URL

URL: https://twitter.com/musicaljoeker/status/1118170000085389312
Title: Joseph Kerkhof@musicaljoekerI have to say I'm impressed with @NordVPN's improved service over the last year. It's faster, load balances better, and they continue to add new security features. If you're looking for a VPN service, I highly recommend NordVPN.8:11 AM – 16 Apr 2019

Search URL Search Domain Scan URL

URL: https://twitter.com/penworks/status/1142044565802770433
Title: pen works@penworksEarly feedback using @NordVPN. Its great! Stays connected on phones, when MBPro wakes it reconnects very fast, incredible choice of servers, speeds vary but to be expected, unblocks geo-gated sites, interfaces a pleasure to use, killswitch is great. Very happy user so far. #vpn5:20 AM – 21 Jun 2019

Search URL Search Domain Scan URL

URL: https://twitter.com/ToXiC_ToKeN_/status/1110234838550876161
Title: ToXiC_ToKeN 💯 👻@ToXiC_ToKeN_Good idea. I always recommend using a VPN service (example NordVPN) it hides your location and information and makes it harder to pinpoint where you are.10:39 AM – 25 Mar 2019

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ittvpro.com/ HTTP 302
http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d Page URL
http://btpnative.com/Redirect/ HTTP 302
http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlnFkESUbGOVobYUp7aBBDBgfSMU3tyux_zXtwEEHRDnjKLP-aljHpXLTiLNxNNj-33OO_4C8lwdTEnJJviG7sRj4j5Sh8kD3GZvkvgQ54hqeOLpAfJV4Cl67ZDbNMzRbgreY__YGIHTjjTdbz-Ng4m1SJlG08H12VPWNe_1YfLUG8S8ljkRFXvVfLbFc2oqgjCsjqoGg5hdwxIHx6YBcpUwpXMAENfKfZ9xPSTZZdNv0eSzsLgJpyoFG2HQPYvWuNIRT13qWkDWfCdsh51EioDRfhbB9QxILccAGc9TAjcT7ANaYTvpQDjUYl1lFkwvospsfmaQVsqPBMLKEDnV_m0V3sZKSbuxVXdUWFMevFiLPiij82q3UjuZM82dh_gU1hCOXcJ9Q6YR5PR84vijETjB271U7t_AK9c7K_Cys93VfeVV07i0JW9pt9oJT4xtXMt464Mcjg6E9Mz8vxrI4dzZEhWZsBCC5Ka9MKtf8niadyso7A2woeA-Gzu6VpZcBnVRmV8YJoUdyDc_kFNLUHsYr0qBynaPMRfnghNoaR9yjVvWQTxzBCtEOONEP1E2msYkCkiF6twEMK5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBNbkuIyP1Jl1JCWvlHYVBs1YRLU-eHELa4YUYJddZNGEFHmQcG0kBTrVytckGBf5v2lv-9QrW5wtIOx0i91V2IpGWBcGH0VV7Ak5Y2CHjaB6flcHKfqDWUtDCMGo-FzvNTQQyT1jjs76NAfQiTnkhk_Ja8HiqOyEGa7S7QFlCD8hitqUFM3cxKZ9px30YN85v6CXJBps2N6Vpxi5ib4tgApqWudSIMRBWChGfDj_xh-uEM80kabuakPjfVY2A8LWkFZCPoEwqHfU0jx5m6WemXoIkaL_rltk-_qr_a3kYC2b1bC3pfhUas_mMWS1KUCCTyPzNWQk1eGo8Ih-8Hb0F066Vq6kH0dMNk9utRcOmhGFpLE5ny7ib_KrezMVqAMmxFd-Y6VP7wPLepZywKra8cKo4qI9mEntS-Gv8dtqZj_xXmFpIbzCxRm1u5BD4IIs6vn6IYV0CCTQK0I2L_BuyNbE-urWfB3tK8ejesIxp2FGEM-HJam3Wqx1AXsolpLK2mlvTPc2AfWuckMDGKSep7vFwjFqcGi4RXA795NCGXBArI_czjvaAp0doYEVm71C7xOCmptGII6P9j1fw7feE_KCAwQObhtNlTmIbkEGodm-oK1GYgiI77ajIQ6n-5BK5s-T5ZQ3tPXjyt7eFcoFhbrYgG7afTXkyA HTTP 302
http://7lyonline.com/app/feedclick?p=QV20_SP4vlGUUFHOml0XGyMVpAeiokk6nfCOvd5rmNAuWEs8hw_0m8NnA02fFaz8p3qBGZfYUBaolYCjpDyl9ZwAADH3lhZg2AtjukE22YGdnMNpbZDyLqzdT5IlLEp-U6YFBSU9mOGu0u0BZQg_IaL0q5CuD-2Bo_cjMhInIw0TWh6YD6KdDFU_9_PA4TY77OvLviwdzIo HTTP 302
http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D HTTP 302
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE Page URL
https://www.givemethisoffer.com/wim/wi/incog-rdr.php?browserName=Chrome&dkw=ittvpro.com&clickid=77491682921&vertical=privateSearch&dp=%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE HTTP 302
https://gate.baseresults.com/gate/index.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE HTTP 302
https://252.securefinds2.com/adServe/aff?pid=355940&oid=329656&ap1=8502 HTTP 302
https://go.nordvpn.net/aff_c?offer_id=18&aff_id=3929&url_id=904&aff_sub=8502 HTTP 302
https://visit.nordvpn.com/?offer_id=18&aff_id=3929&aff_transaction_id=1029e5ac54a9bd1a7d0b4fac8bb205&source=&aff_sub=8502&url_id=533 HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ittvpro.com/ HTTP 302
http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d

Request Chain 1

http://btpnative.com/Redirect/ HTTP 302
http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlnFkESUbGOVobYUp7aBBDBgfSMU3tyux_zXtwEEHRDnjKLP-aljHpXLTiLNxNNj-33OO_4C8lwdTEnJJviG7sRj4j5Sh8kD3GZvkvgQ54hqeOLpAfJV4Cl67ZDbNMzRbgreY__YGIHTjjTdbz-Ng4m1SJlG08H12VPWNe_1YfLUG8S8ljkRFXvVfLbFc2oqgjCsjqoGg5hdwxIHx6YBcpUwpXMAENfKfZ9xPSTZZdNv0eSzsLgJpyoFG2HQPYvWuNIRT13qWkDWfCdsh51EioDRfhbB9QxILccAGc9TAjcT7ANaYTvpQDjUYl1lFkwvospsfmaQVsqPBMLKEDnV_m0V3sZKSbuxVXdUWFMevFiLPiij82q3UjuZM82dh_gU1hCOXcJ9Q6YR5PR84vijETjB271U7t_AK9c7K_Cys93VfeVV07i0JW9pt9oJT4xtXMt464Mcjg6E9Mz8vxrI4dzZEhWZsBCC5Ka9MKtf8niadyso7A2woeA-Gzu6VpZcBnVRmV8YJoUdyDc_kFNLUHsYr0qBynaPMRfnghNoaR9yjVvWQTxzBCtEOONEP1E2msYkCkiF6twEMK5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBNbkuIyP1Jl1JCWvlHYVBs1YRLU-eHELa4YUYJddZNGEFHmQcG0kBTrVytckGBf5v2lv-9QrW5wtIOx0i91V2IpGWBcGH0VV7Ak5Y2CHjaB6flcHKfqDWUtDCMGo-FzvNTQQyT1jjs76NAfQiTnkhk_Ja8HiqOyEGa7S7QFlCD8hitqUFM3cxKZ9px30YN85v6CXJBps2N6Vpxi5ib4tgApqWudSIMRBWChGfDj_xh-uEM80kabuakPjfVY2A8LWkFZCPoEwqHfU0jx5m6WemXoIkaL_rltk-_qr_a3kYC2b1bC3pfhUas_mMWS1KUCCTyPzNWQk1eGo8Ih-8Hb0F066Vq6kH0dMNk9utRcOmhGFpLE5ny7ib_KrezMVqAMmxFd-Y6VP7wPLepZywKra8cKo4qI9mEntS-Gv8dtqZj_xXmFpIbzCxRm1u5BD4IIs6vn6IYV0CCTQK0I2L_BuyNbE-urWfB3tK8ejesIxp2FGEM-HJam3Wqx1AXsolpLK2mlvTPc2AfWuckMDGKSep7vFwjFqcGi4RXA795NCGXBArI_czjvaAp0doYEVm71C7xOCmptGII6P9j1fw7feE_KCAwQObhtNlTmIbkEGodm-oK1GYgiI77ajIQ6n-5BK5s-T5ZQ3tPXjyt7eFcoFhbrYgG7afTXkyA HTTP 302
http://7lyonline.com/app/feedclick?p=QV20_SP4vlGUUFHOml0XGyMVpAeiokk6nfCOvd5rmNAuWEs8hw_0m8NnA02fFaz8p3qBGZfYUBaolYCjpDyl9ZwAADH3lhZg2AtjukE22YGdnMNpbZDyLqzdT5IlLEp-U6YFBSU9mOGu0u0BZQg_IaL0q5CuD-2Bo_cjMhInIw0TWh6YD6KdDFU_9_PA4TY77OvLviwdzIo HTTP 302
http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D HTTP 302
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE

Request Chain 93

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1307003131&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&dr=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&ul=en-us&de=UTF-8&dt=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEILR~&jid=1933337883&gjid=1388184689&cid=1540730887.1576610118&tid=UA-42858496-1&_gid=1805789056.1576610118&_r=1&z=242798171 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_gid=1805789056.1576610118&gjid=1388184689&_v=j79&z=242798171 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_v=j79&z=242798171 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_v=j79&z=242798171&slf_rd=1&random=1917692686

Request Chain 107

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1307003131&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&dr=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&ul=en-us&de=UTF-8&dt=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Load%20time&ea=Loaded&el=%2Fen%2Fspecial%2F%20-%20fromDL&ev=1593&_u=aGDACUIrR~&jid=744310541&gjid=1932358206&cid=1540730887.1576610118&uid=&tid=UA-42858496-1&_gid=1805789056.1576610118&_r=1&gtm=2wgc61WX5CH8&cd10=&cd20=1576610119793.ie8mqzp&cd21=2019-12-17T20%3A15%3A19.793%2B01%3A00&cd22=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd19=1540730887.1576610118&z=1077921590 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_gid=1805789056.1576610118&gjid=1932358206&_v=j79&z=1077921590 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_v=j79&z=1077921590 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_v=j79&z=1077921590&slf_rd=1&random=2076051851

111 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set click Show response
btpnative.com/
Redirect Chain

http://ittvpro.com/
http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3Y...

5 KB
3 KB

281ms
201ms

Document
text/html

209.15.13.136
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d
Protocol: HTTP/1.1
Server: 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 5377a44c6162a3493448b48cb356c7537273f3e96f64f2096d7b087ba390915c

Request headers

Host: btpnative.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: MvqmQpjytTaXrMo=MvqmQpjytTaXrMo; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 17 Dec 2019 19:15:14 GMT
Content-Length: 2146

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 17 Dec 2019 19:15:14 GMT
location: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d
server: nginx
set-cookie: sid=8dea7a04-2101-11ea-bb98-07286db58f03; path=/; domain=.ittvpro.com; expires=Sun, 04 Jan 2088 22:29:22 GMT; max-age=2147483647; HttpOnly

GET
H2

200

main3.html Show response
www.givemethisoffer.com/wim/static/wi/
Redirect Chain

http://btpnative.com/Redirect/
http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlnFkESUbGOVobYUp7aBBDBgfSMU3tyux_zXtwEEHRDnjKLP-aljHpXLTiLNxNNj-33OO_4C8lwdTEnJJviG7sRj4j5Sh8kD3GZvkvgQ54hqeOLpAfJV4Cl67ZDbNMzRbgreY__YGIHTjjTdbz-Ng4m1S...
http://7lyonline.com/app/feedclick?p=QV20_SP4vlGUUFHOml0XGyMVpAeiokk6nfCOvd5rmNAuWEs8hw_0m8NnA02fFaz8p3qBGZfYUBaolYCjpDyl9ZwAADH3lhZg2AtjukE22YGdnMNpbZDyLqzdT5IlLEp-U6YFBSU9mOGu0u0BZQg_IaL0q5CuD-2B...
http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixin...
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Comp...

3 KB
2 KB

138ms
58ms

Document
text/html

2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
Requested by: Host: btpnative.com
URL: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c23f4d409a58cbb346b4bcf769b3022ce8895a370dd8664c242b3296d19737

Request headers

:method: GET
:authority: www.givemethisoffer.com
:scheme: https
:path: /wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d
accept-encoding: gzip, deflate, br
Origin: http://btpnative.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d

Response headers

status: 200
date: Tue, 17 Dec 2019 19:15:16 GMT
content-type: text/html
set-cookie: __cfduid=db3938480cf291d7a55d6147efa9d5b6e1576610116; expires=Thu, 16-Jan-20 19:15:16 GMT; path=/; domain=.givemethisoffer.com; HttpOnly; SameSite=Lax
last-modified: Tue, 17 Dec 2019 16:08:20 GMT
vary: Accept-Encoding
expires: Tue, 17 Dec 2019 20:15:16 GMT
cache-control: max-age=3600
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 546b398c6eb15a1e-VIE
content-encoding: br

Redirect headers

Date: Tue, 17 Dec 2019 19:15:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d549800571a9adb55080092d435d3e8511576610116; expires=Thu, 16-Jan-20 19:15:16 GMT; path=/; domain=.givemeapplink.com; HttpOnly; SameSite=Lax
X-Powered-By: PHP/5.6.40
Location: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 546b398b9f67cbc4-VIE

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 20ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 19:15:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1576610116.dop005.fr8.shc,1576610116.dop005.fr8.t,1576610116.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 763 B
667 B 16ms
16ms Script
text/javascript 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms

Requested by

Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

57a095be832d3f3aacf0405aa8616d63bfeaa395673b5c90f76ba5e994696a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 497
x-xss-protection: 1; mode=block
expires: Tue, 17 Dec 2019 19:15:16 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/4.3.2/ 66 KB
21 KB 81ms
25ms Script
application/javascript 151.101.130.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/4.3.2/bundle.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b5aee94843076932d9cfa527f447f41306acdf650abf4e02527731e8119a639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
Origin: https://www.givemethisoffer.com

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
content-encoding: gzip
last-modified: Fri, 16 Nov 2018 15:29:19 GMT
server: Fastly
age: 2279667
etag: "822e7271fe55bfac69f10bbd728a60c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21433
expires: Fri, 20 Nov 2020 10:00:49 GMT

GET
H2 200 bundle.js Show response
www.givemethisoffer.com/wim/static/dist/ 121 KB
22 KB 21ms
21ms Script
application/javascript 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/dist/bundle.js
Requested by: Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce6e63494571117bfc843f6d8113679e7d4d0231f1e6f86e180e0f4dad216545

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 707
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:22:12 GMT
server: cloudflare
etag: W/"5df900b4-1e23e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398cdf0b5a1e-VIE
expires: Tue, 17 Dec 2019 20:03:29 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/ 254 KB
91 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c2cca14e4dbf2994f90b91ef01ec4d6eb6b560b429d028317d624d9b5f4bdcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 05:03:14 GMT
server: sffe
age: 349403
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92878
x-xss-protection: 0
expires: Sat, 12 Dec 2020 18:11:53 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame FBF3 0
0 29ms
29ms Document
text/html 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms&co=aHR0cHM6Ly93d3cuZ2l2ZW1ldGhpc29mZmVyLmNvbTo0NDM.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=sq9ikuz06210

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ySBlni4xvQXWomIVxbND2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms&co=aHR0cHM6Ly93d3cuZ2l2ZW1ldGhpc29mZmVyLmNvbTo0NDM.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=sq9ikuz06210
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 17 Dec 2019 19:15:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-ySBlni4xvQXWomIVxbND2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8975
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 index.html
www.givemethisoffer.com/wim/static/lps/safe/23.5.dk/ 6 KB
2 KB 50ms
50ms XHR
text/html 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/lps/safe/23.5.dk/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 546b398dbfc65a1e-VIE
date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Dec 2019 16:08:20 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
expires: Tue, 17 Dec 2019 20:15:16 GMT

GET
H2

200

Primary Request / Show response
nordvpn.com/special/
Redirect Chain

https://www.givemethisoffer.com/wim/wi/incog-rdr.php?browserName=Chrome&dkw=ittvpro.com&clickid=77491682921&vertical=privateSearch&dp=%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D7749168...
https://gate.baseresults.com/gate/index.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixin...
https://252.securefinds2.com/adServe/aff?pid=355940&oid=329656&ap1=8502
https://go.nordvpn.net/aff_c?offer_id=18&aff_id=3929&url_id=904&aff_sub=8502
https://visit.nordvpn.com/?offer_id=18&aff_id=3929&aff_transaction_id=1029e5ac54a9bd1a7d0b4fac8bb205&source=&aff_sub=8502&url_id=533
https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

108 KB
24 KB

135ms
80ms

Document
text/html

104.18.230.229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Requested by

Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/dist/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.230.229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64bca1eaf8541b64a5b8ead9994b4fb0437ceaa94fa547e6630834ddd34035c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: nordvpn.com
:scheme: https
:path: /special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
accept-encoding: gzip, deflate, br
cookie: __cfduid=da9cc10dcdd9418127a84801a8fb88b751576610117; aff_id=3929; aff_transaction_id=1029e5ac54a9bd1a7d0b4fac8bb205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE

Response headers

status: 200
date: Tue, 17 Dec 2019 19:15:18 GMT
content-type: text/html; charset=UTF-8
cf-ray: 546b39958cb16a23-LHR
age: 578
cache-control: public, max-age=1800
expires: Tue, 17 Dec 2019 19:45:18 GMT
link: <https://nordvpn.com/wp-json/>; rel="https://api.w.org/", <https://nordvpn.com/?p=29187>; rel=shortlink
set-cookie: locale=en; expires=Wed, 16 Dec 2020 19:15:18 GMT; path=/; domain=nordvpn.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: front-eu-web-3
server: cloudflare
content-encoding: br

Redirect headers

status: 302
date: Tue, 17 Dec 2019 19:15:17 GMT
set-cookie: __cfduid=da9cc10dcdd9418127a84801a8fb88b751576610117; expires=Thu, 16-Jan-20 19:15:17 GMT; path=/; domain=.nordvpn.com; HttpOnly; SameSite=Lax aff_id=3929; Max-Age=2592000; Domain=.nordvpn.com aff_transaction_id=1029e5ac54a9bd1a7d0b4fac8bb205; Max-Age=2592000; Domain=.nordvpn.com
cache-control: no-store, no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
location: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 546b3993eb843474-LHR

GET
H2 200 wa
www.cherami-cloud.com/report/ 2 B
590 B 126ms
69ms Image
text/plain 2606:4700:30::681f:5df0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cherami-cloud.com/report/wa?ctag=8502_fid71_lp23.5.dk_wit1576610117&clickid=77491682921&yid=b5pr&vertical=privateSearch&step=0&res=1600X1200&lang=en&dkw=ittvpro.com&extType=dm&action=inc&inc=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:5df0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=utf-8
status: 200
access-control-allow-credentials: true
cf-ray: 546b398e1b8159e2-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 2

GET
H2 200 icon
fonts.googleapis.com/ 574 B
429 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 19:15:16 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 19:15:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:15:16 GMT

GET
H2 200 materialize.min.css
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/ 128 KB
20 KB 28ms
27ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 21243770
cf-ray: 546b398e4ffccbc0-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:22:59 GMT
server: cloudflare
etag: W/"5afd49f3-20198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 06 Dec 2020 19:15:16 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.004

GET
H2 200 style.css
www.givemethisoffer.com/wim/static/lps/safe/23.5.dk/css/ 8 KB
2 KB 17ms
17ms Stylesheet
text/css 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/lps/safe/23.5.dk/css/style.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:20 GMT
server: cloudflare
etag: W/"5df8fd74-211e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398e48455a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 register.js
www.givemethisoffer.com/wim/static/wi/ 404 B
282 B 17ms
16ms XHR
application/javascript 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/wi/register.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:20 GMT
server: cloudflare
etag: W/"5df8fd74-194"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398e584b5a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 index.html
www.givemethisoffer.com/wim/static/components/retry/3/ 122 B
148 B 39ms
39ms XHR
text/html 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/retry/3/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 546b398e68695a1e-VIE
date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
expires: Tue, 17 Dec 2019 20:15:16 GMT

GET
H2 200 index.html
www.givemethisoffer.com/wim/static/components/info/2/ 4 KB
1 KB 48ms
48ms XHR
text/html 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/info/2/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 546b398e686a5a1e-VIE
date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
expires: Tue, 17 Dec 2019 20:15:16 GMT

GET
H2 200 index.html
www.givemethisoffer.com/wim/static/components/lp-modal/4.1/ 2 KB
806 B 46ms
46ms XHR
text/html 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/lp-modal/4.1/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 546b398e686c5a1e-VIE
date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
expires: Tue, 17 Dec 2019 20:15:16 GMT

GET
H2 200 flow.js
www.givemethisoffer.com/wim/static/components/flows/5.2.1/ 1 KB
500 B 58ms
58ms XHR
application/javascript 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/flows/5.2.1/flow.js?_=1576610116645
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 546b398e786e5a1e-VIE
date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
status: 200
etag: W/"5df8fd73-468"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
content-encoding: br
expires: Tue, 17 Dec 2019 20:15:16 GMT

GET
H2 200 install.php
search.searchsafely.net/wim/static/wi/ Frame 32C9 0
0 528ms
61ms Document
text/html 2606:4700:30::681b:828f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://search.searchsafely.net/wim/static/wi/install.php?cid=8502_fid71_lp23.5.dk_wit1576610117&yid=b5pr&clickid=77491682921&vert=privateSearch&days=180&extid=ebpjnjghimiofdlpnmhclanhckablllf&npage=skip&bnp=1&icon=img&res=1200x1600&step=0&extType=dm&endpointUrl=http%3A%2F%2Fwww.safelyonline.net
Requested by: Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:828f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

:method: GET
:authority: search.searchsafely.net
:scheme: https
:path: /wim/static/wi/install.php?cid=8502_fid71_lp23.5.dk_wit1576610117&yid=b5pr&clickid=77491682921&vert=privateSearch&days=180&extid=ebpjnjghimiofdlpnmhclanhckablllf&npage=skip&bnp=1&icon=img&res=1200x1600&step=0&extType=dm&endpointUrl=http%3A%2F%2Fwww.safelyonline.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE

Response headers

status: 200
date: Tue, 17 Dec 2019 19:15:17 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9bc31a63e726fb873e28949831bb09881576610117; expires=Thu, 16-Jan-20 19:15:17 GMT; path=/; domain=.searchsafely.net; HttpOnly; SameSite=Lax b5pr_cid=8502_fid71_lp23.5.dk_wit1576610117; Max-Age=31536000; Domain=.searchsafely.net; Path=/; Expires=Wed, 16 Dec 2020 19:15:17 GMT b5pr_extid=ebpjnjghimiofdlpnmhclanhckablllf; Max-Age=31536000; Domain=.searchsafely.net; Path=/; Expires=Wed, 16 Dec 2020 19:15:17 GMT b5pr_clickid=77491682921; Max-Age=31536000; Domain=.searchsafely.net; Path=/; Expires=Wed, 16 Dec 2020 19:15:17 GMT b5pr_vert=privateSearch; Max-Age=31536000; Domain=.searchsafely.net; Path=/; Expires=Wed, 16 Dec 2020 19:15:17 GMT fcid=; Domain=.searchsafely.net; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT gclid=; Domain=.searchsafely.net; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT pclid=; Domain=.searchsafely.net; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT npage=; Max-Age=31536000; Domain=.searchsafely.net; Path=/; Expires=Wed, 16 Dec 2020 19:15:17 GMT b5pr_npage=skip; Max-Age=31536000; Domain=.searchsafely.net; Path=/; Expires=Wed, 16 Dec 2020 19:15:17 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-credentials: true
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 546b399159b48c7a-VIE
content-encoding: br

GET
H2 200 lobibox.min.js
www.givemethisoffer.com/wim/static/assets/lobibox/js/ 25 KB
6 KB 23ms
22ms XHR
application/javascript 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/assets/lobibox/js/lobibox.min.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
etag: W/"5df8fd73-65d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398e78765a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 lobibox.min.css
www.givemethisoffer.com/wim/static/assets/lobibox/css/ 23 KB
3 KB 23ms
23ms Stylesheet
text/css 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/assets/lobibox/css/lobibox.min.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
etag: W/"5df8fd73-5cbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398ea89c5a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 wa
www.cherami-cloud.com/report/ 2 B
61 B 51ms
51ms Image
text/plain 2606:4700:30::681f:5df0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cherami-cloud.com/report/wa?ctag=8502_fid71_lp23.5.dk_wit1576610117&clickid=77491682921&yid=b5pr&vertical=privateSearch&step=0&res=1600X1200&lang=en&dkw=ittvpro.com&extType=dm&action=pageload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:5df0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=utf-8
status: 200
access-control-allow-credentials: true
cf-ray: 546b398eac2c59e2-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 2

GET
H2 200 cookie_notice_1.css
www.givemethisoffer.com/wim/static/components/lp-modal/4.1/src/demos/css/ 648 B
337 B 20ms
17ms Stylesheet
text/css 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/lp-modal/4.1/src/demos/css/cookie_notice_1.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
etag: W/"5df8fd73-288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398ed8b85a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 slickmodal.min.css
www.givemethisoffer.com/wim/static/components/lp-modal/4.1/src/plugin/css/ 19 KB
3 KB 25ms
22ms Stylesheet
text/css 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/lp-modal/4.1/src/plugin/css/slickmodal.min.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
etag: W/"5df8fd73-4ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398ed8b95a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 jquery.slickmodal.min.js
www.givemethisoffer.com/wim/static/components/lp-modal/4.1/src/plugin/js/ 16 KB
4 KB 20ms
20ms XHR
application/javascript 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/static/components/lp-modal/4.1/src/plugin/js/jquery.slickmodal.min.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-encoding: br
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
etag: W/"5df8fd73-3fae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 546b398ed8ba5a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 info.png
www.givemethisoffer.com/wim/static/components/info/2/ 655 B
746 B 18ms
18ms Image
image/png 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.givemethisoffer.com/wim/static/components/info/2/info.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:16 GMT
via: 1.1 google
cf-cache-status: HIT
age: 706
status: 200
content-length: 655
last-modified: Tue, 17 Dec 2019 16:08:19 GMT
server: cloudflare
etag: "5df8fd73-28f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 546b398f29095a1e-VIE
expires: Tue, 17 Dec 2019 20:03:30 GMT

GET
H2 200 Roboto-Bold.woff2
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/ 63 KB
63 KB 19ms
18ms Font
application/octet-stream 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/Roboto-Bold.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Origin: https://www.givemethisoffer.com

Response headers

date: Tue, 17 Dec 2019 19:15:17 GMT
cf-cache-status: HIT
age: 21243771
cf-ray: 546b398f389359c4-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 64800
last-modified: Thu, 17 May 2018 09:22:59 GMT
server: cloudflare
etag: "5afd49f3-fd20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sun, 06 Dec 2020 19:15:17 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.008

GET
H2 200 Roboto-Light.woff2
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/ 63 KB
63 KB 21ms
20ms Font
application/octet-stream 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/Roboto-Light.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Origin: https://www.givemethisoffer.com

Response headers

date: Tue, 17 Dec 2019 19:15:17 GMT
cf-cache-status: HIT
age: 12586879
cf-ray: 546b398f389459c4-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 64268
last-modified: Thu, 17 May 2018 09:22:59 GMT
server: cloudflare
etag: "5afd49f3-fb0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sun, 06 Dec 2020 19:15:17 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 Roboto-Regular.woff2
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/ 63 KB
63 KB 19ms
19ms Font
application/octet-stream 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/Roboto-Regular.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Origin: https://www.givemethisoffer.com

Response headers

date: Tue, 17 Dec 2019 19:15:17 GMT
cf-cache-status: HIT
age: 12586879
cf-ray: 546b398f48a159c4-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 64832
last-modified: Thu, 17 May 2018 09:21:59 GMT
server: cloudflare
etag: "5afd49b7-fd40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sun, 06 Dec 2020 19:15:17 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.009

GET
H2 200 css
fonts.googleapis.com/ 9 KB
805 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 19:15:17 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 19:15:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:15:17 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300
Origin: https://www.givemethisoffer.com

Response headers

date: Tue, 19 Nov 2019 09:15:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2455164
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Wed, 18 Nov 2020 09:15:53 GMT

GET
H2 200 ccValid.php
www.givemethisoffer.com/wim/wi/ 31 B
166 B 51ms
51ms XHR
application/json 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/wi/ccValid.php?skip=false&ctag=8502_fid71_lp23.5.dk_wit1576610117&clickid=77491682921&yid=b5pr&vertical=privateSearch&extType=dm&step=0&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

Accept: */*
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 546b39919b085a1e-VIE
date: Tue, 17 Dec 2019 19:15:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
content-encoding: br

POST
H2 200 rcp.php
www.givemethisoffer.com/wim/reports/ 1 B
60 B 80ms
80ms XHR
application/json 2606:4700:30::681b:907b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.givemethisoffer.com/wim/reports/rcp.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:907b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

Accept: */*
Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
Origin: https://www.givemethisoffer.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-ray: 546b3991ab185a1e-VIE
date: Tue, 17 Dec 2019 19:15:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
content-encoding: br

GET
H/1.1 200 fr
7proof.com/app/ 0
135 B 340ms
113ms Image
text/plain 23.82.9.96
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7proof.com/app/fr?type=l1&dp1=77491682921&score=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.82.9.96 Washington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8502&v=23&gnum=6&clickid=77491682921&cachecode=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=ittvpro.com+MT+Computers++mixing+Standardized+%26+Admissions+Tests+Homeschooling++Education++Electronics++graphics+Training+%26+Certification+myvpro.com+Distance+Learning++audio+processing+Primary+%26+Secondary+Schooling+%28K-12%29+digital+media+Teaching+%26+Classroom+Resources+Colleges+%26+Universities+Jobs+Software+Vocational+%26+Continuing+Education&dkw=ittvpro.com&g=GB&cc2=m4zhRsUZJplUdh%2BVRhhOtg%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&geo=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 19:15:17 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H2 200 jquery.min.js Show response
s1.nordcdn.com/jquery/1.12.4/ 95 KB
32 KB 88ms
32ms Script
application/javascript 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Mar 2018 12:23:25 GMT
server: cloudflare
age: 26186
x-frame-options: SAMEORIGIN
etag: W/"5abb893d-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b39967ef95a1e-VIE
access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2501
date: Tue, 17 Dec 2019 18:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 17 Dec 2019 20:33:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
41 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c678726b3840e69053c105142e721cf70428b6127c6d50b3e2bc7ca5df5e47c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 41675
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:15:18 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2184
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:38:54 GMT

GET
H2 200 base.css
s1.nordcdn.com/nordvpn/3.469.0/css/ 129 KB
19 KB 56ms
25ms Stylesheet
text/css 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.469.0/css/base.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a41a62859fd417ee3fa5a0b68c898eda3d88eb9f4299ef3336cc153b4f19c76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:44 GMT
server: cloudflare
age: 26186
x-frame-options: SAMEORIGIN
etag: W/"5df10c94-20334"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b39967ef85a1e-VIE
access-control-allow-origin: *

GET
H2 200 nordvpn.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/ 2 KB
1 KB 51ms
23ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/nordvpn.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a33a80013bb48d80ed49d506258eded30de3202dc0faa75ca7de2add0b9872cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25917
etag: W/"5df10c7a-78f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b39967efb5a1e-VIE
access-control-allow-origin: *

GET
H2 200 nordpass-symbol.png
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/ 1 KB
1 KB 25ms
21ms Image
image/png 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/nordpass-symbol.png

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f886f4bbefd564e1a34004df7c71c3a08fa29c0c8c28abe3082c117ee740ee75

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 25996
status: 200
content-length: 1345
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3996df535a1e-VIE

GET
H2 200 success.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/ 209 B
222 B 36ms
32ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/success.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df545a1e-VIE
access-control-allow-origin: *

GET
H2 200 nordpass-logo.png
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/ 1 KB
1 KB 24ms
20ms Image
image/png 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/nordpass-logo.png

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad13d707968aad24d7e80a2efc21eb15251640485b3ddbddb5417cd32cc832b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 25860
status: 200
content-length: 1191
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3996df565a1e-VIE

GET
H2 200 checkbox-tick.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/ 176 B
207 B 25ms
22ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df575a1e-VIE
access-control-allow-origin: *

GET
H2 200 pcmag-ec.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/ 8 KB
3 KB 27ms
24ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/pcmag-ec.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7175f6d992e0832c0f39a8db7be18bc05be87ba3a5115f2603eb5c00ca33c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-1fcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df585a1e-VIE
access-control-allow-origin: *

GET
H2 200 cnet.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/ 1 KB
723 B 28ms
25ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/cnet.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d3b2ff5dcb5311ebf1212197c448cf31273b3a0cabadfd7cbd708bce4da761

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-4e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df5a5a1e-VIE
access-control-allow-origin: *

GET
H2 200 bestvpn.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/affiliates/ 4 KB
2 KB 26ms
23ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/affiliates/bestvpn.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d20cbe817d733d3846f6ea01e84fe89e54ca5b1fdeef86ed7ac3d2f2c9afa9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-1015"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df5b5a1e-VIE
access-control-allow-origin: *

GET
H2 200 tnw.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/ 915 B
580 B 23ms
20ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/tnw.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f606b1932ad972a840983b9099c2a48089f061d752a701ee214011489cd2c7da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-393"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df5c5a1e-VIE
access-control-allow-origin: *

GET
H2 200 buzzfeed.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/ 3 KB
2 KB 24ms
21ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/logos/horizontal/buzzfeed.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba35a49aef38631a6364ebfb1ec765d7d3aa4640b1ea43706f0514ec6d2cf73

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25996
etag: W/"5df10c7a-cd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df5e5a1e-VIE
access-control-allow-origin: *

GET
H2 200 techradar-white-transparent.svg
s1.nordcdn.com/nordvpn/media/1.256.0/images/global/logos/horizontal/ 6 KB
2 KB 27ms
25ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.256.0/images/global/logos/horizontal/techradar-white-transparent.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

64064d5a5413c820e59c4a91284746fca8e1dee6225ef04f96a260ed5dbc614f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Mon, 09 Dec 2019 08:41:49 GMT
server: cloudflare
age: 25996
etag: W/"5dee08cd-1886"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df5f5a1e-VIE
access-control-allow-origin: *

GET
H2 200 desktop-app-female-street_thumb_blur.jpg
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/ 1 KB
1 KB 28ms
26ms Image
image/jpeg 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/desktop-app-female-street_thumb_blur.jpg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c4a03f5ffb7184c92a0fc6c521c477d9dbce23b108f0b4510ca5882db4adee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 25917
status: 200
content-length: 1042
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3996df605a1e-VIE

GET
H2 200 lock.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 286 B
585 B 31ms
29ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/lock.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10481ae6bb8b6b59e857506fbbf2e96ce0e20f54725a58528168ddd6694ac81f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26280
etag: W/"5df10c7a-11e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df615a1e-VIE
access-control-allow-origin: *

GET
H2 200 cross-platform_thumb_blur.jpg
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/ 1 KB
1 KB 25ms
22ms Image
image/jpeg 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/cross-platform_thumb_blur.jpg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27eaca4e58bac1e0db9307dbedb9a900b5b386c28f2d19678012acea4650c675

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 26006
status: 200
content-length: 1256
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-4e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3996df625a1e-VIE

GET
H2 200 multiple-devices.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 344 B
271 B 28ms
25ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/multiple-devices.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c895b61f1f7fb93a2d65c30ffd4ada8dd5ea0f393b2956751fa54e238827ca9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26013
etag: W/"5df10c7a-158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df635a1e-VIE
access-control-allow-origin: *

GET
H2 200 tv-content_thumb_blur.png
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/ 26 KB
26 KB 29ms
26ms Image
image/png 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/tv-content_thumb_blur.png

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f2c89ef251ab652a4d01af8fdc998af9e829ec82174ba95e38a10cd680d0d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 25917
status: 200
content-length: 26601
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-67e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3996df665a1e-VIE

GET
H2 200 globe.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 892 B
561 B 32ms
29ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/globe.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f1263d2a05584e2114338f686805fb5c714e7dcf8c10d10b59b2080c8029e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26013
etag: W/"5df10c7a-37c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df675a1e-VIE
access-control-allow-origin: *

GET
H2 200 success.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 225 B
230 B 28ms
26ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/success.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5349b6daaeb8431fcf48a366272d5729935b3311b07396b41ed07ce8e0b6f4af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26006
etag: W/"5df10c7a-e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df685a1e-VIE
access-control-allow-origin: *

GET
H2 200 play.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 345 B
302 B 33ms
31ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/play.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c758cdbdcc2966a525df71b19e4c05eccba65b7c0776a1e32efa34ebf8117b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26006
etag: W/"5df10c7a-159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df6a5a1e-VIE
access-control-allow-origin: *

GET
H2 200 eye-disabled.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 824 B
529 B 29ms
27ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/eye-disabled.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7dda2090caf41000364180644ae481c0b3174e7a8004d94de79a8e6dc394ad1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26006
etag: W/"5df10c7a-338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df6b5a1e-VIE
access-control-allow-origin: *

GET
H2 200 live-chat.svg
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 280 B
255 B 34ms
32ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/live-chat.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

845176754a70e3db8a1a80f45d2707584ff2e71c203ef322802d37544e3d6898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 26013
etag: W/"5df10c7a-118"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df6c5a1e-VIE
access-control-allow-origin: *

GET
H2 200 visa-card.svg
s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/ 1 KB
732 B 32ms
30ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/visa-card.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07e99ecb5e1b6b2f06343714c0d6da8a75bd6dd35d8d7f6bb7520a616fdc85b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 22 May 2018 13:34:07 GMT
server: cloudflare
age: 26095
etag: W/"5b041c4f-4d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df6d5a1e-VIE
access-control-allow-origin: *

GET
H2 200 mastercard-card.svg
s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/ 727 B
479 B 33ms
31ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/mastercard-card.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9da8e5272e73a6c59036474aa9a12c1f59e704d2d2fede9f709c26eb1b6a720

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 22 May 2018 13:34:07 GMT
server: cloudflare
age: 26095
etag: W/"5b041c4f-2d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df6e5a1e-VIE
access-control-allow-origin: *

GET
H2 200 amex-card.svg
s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/ 941 B
654 B 30ms
28ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/amex-card.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

844bfc2c459eb7aad66b59333b5359a9f2eb16c7ea849c39c09fef3a0c1aecea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 22 May 2018 13:34:07 GMT
server: cloudflare
age: 26095
etag: W/"5b041c4f-3ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df6f5a1e-VIE
access-control-allow-origin: *

GET
H2 200 discover-card.svg
s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/ 1 KB
748 B 33ms
31ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/0.39.0/images/global/logos/mini/discover-card.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5e3c0f209dfc228dc9a4866159a83d0dab403e77779407f1dc649938147da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 22 May 2018 13:34:07 GMT
server: cloudflare
age: 26095
etag: W/"5b041c4f-570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df705a1e-VIE
access-control-allow-origin: *

GET
H2 200 lazyload.min.js Show response
s1.nordcdn.com/nordvpn/3.125.0/js/ 9 KB
4 KB 32ms
30ms Script
application/javascript 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.125.0/js/lazyload.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce84507943fb6119ae9d538ab1ec50d8947741ffd72a6f13c945f30c727df0c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 May 2018 13:34:39 GMT
server: cloudflare
age: 26095
x-frame-options: SAMEORIGIN
etag: W/"5b041c6f-2580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df715a1e-VIE
access-control-allow-origin: *

GET
H2 200 countdown.min.js Show response
s1.nordcdn.com/nordvpn/3.410.0/js/ 6 KB
2 KB 34ms
32ms Script
application/javascript 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.410.0/js/countdown.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2214bb8a67a3c90f321c15d30351460304b3b34d136d8f145e426654e1462d6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Aug 2019 07:11:51 GMT
server: cloudflare
age: 26095
x-frame-options: SAMEORIGIN
etag: W/"5d68cc37-1878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996df735a1e-VIE
access-control-allow-origin: *

GET
H2 200 scripts.min.js Show response
nordvpn.com/wp-content/plugins/cookie-consent-plugin/public/1548142014/ 572 B
440 B 57ms
57ms Script
application/javascript 104.18.230.229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/cookie-consent-plugin/public/1548142014/scripts.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.230.229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

07d228b722ed9ab3e8bad5143d666e3573dedf6c18ee4aaeeeb85bf965d36c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 7137
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 22 Jan 2019 07:40:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"5c46c8e8-23c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 546b39965d6a6a23-LHR
expires: Fri, 17 Jan 2020 19:15:18 GMT

GET
H2 200 compiled.min.js Show response
nordvpn.com/wp-content/plugins/popups-plugin/dist/ 30 KB
9 KB 55ms
55ms Script
application/javascript 104.18.230.229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/popups-plugin/dist/compiled.min.js?ver=3.5.0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.230.229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1abd2a0e736646c66d6c0faa0aaa47820d8a0f3b58317129417a77102f4103f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 7106
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 16 Aug 2019 10:21:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"5d5683a6-7687"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 546b3996ada86a23-LHR
expires: Fri, 17 Jan 2020 19:15:18 GMT

GET
H2 200 base.min.js Show response
s1.nordcdn.com/nordvpn/3.469.0/js/ 158 KB
39 KB 26ms
26ms Script
application/javascript 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.469.0/js/base.min.js?ver=1.0.0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd60219809d913eeb524476105957e109fbfd003b87bd629d1f396c96090946

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:44 GMT
server: cloudflare
age: 26186
x-frame-options: SAMEORIGIN
etag: W/"5df10c94-278e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3996af285a1e-VIE
access-control-allow-origin: *

GET
H2 200 scripts.js Show response
nordvpn.com/wp-content/plugins/cf7-conditional-fields/js/ 64 KB
15 KB 49ms
47ms Script
application/javascript 104.18.230.229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=1.7.8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.230.229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36b6b8294047a1082b3f16dd18f422859c143135a8e47342d3f8f6e7bfd0bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6801
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 17 Dec 2019 09:13:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5df89c24-10053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-generator: front-eu-web-3
cache-control: public, max-age=2678400
cf-ray: 546b3996ddde6a23-LHR
expires: Fri, 17 Jan 2020 19:15:18 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 78 KB
28 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KV49WTQ&cid=1540730887.1576610118

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dab9e2e1add82849284b80d0cae0c19f74e8f1205c5b33a832d723a8dad0c5e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28436
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:15:18 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 130ms
49ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9933
x-xss-protection: 0
server: cafe
etag: 9795501548502167919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Dec 2019 19:15:18 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 126ms
41ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: gzip
age: 39720
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4033-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1576610118.304183,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 240 B
240 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://nordvpn.com

Response headers

Content-Type: font/woff2

GET
H2 200 hero-christmas-tree_thumb_blur.jpg
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/ 463 B
540 B 22ms
22ms Image
image/jpeg 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/hero-christmas-tree_thumb_blur.jpg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9115a297775fa267ce6abfc6c6aa41194b8e6de17373e674bdbbad3015c2381a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 25996
status: 200
content-length: 463
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-1cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3996ef745a1e-VIE

GET
H2 200 css
fonts.googleapis.com/ 452 B
393 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yesteryear&display=swap

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

eb1939d0033ddf929529d65c7f981bb1c13853969ea8f3d7ce9a934a3436171d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 19:15:18 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 19:15:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:15:18 GMT

GET
H2 200 dropdown-arrow-white.svg
s1.nordcdn.com/nordvpn/3.178.0/images/global/icons/16/ 145 B
316 B 18ms
17ms Image
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/3.178.0/images/global/icons/16/dropdown-arrow-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f3349d876701633d974b9d69911cb220b4b0d6c8bebec6fd2f9fb06dbcec87e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s1.nordcdn.com/nordvpn/3.469.0/css/base.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Fri, 03 Aug 2018 09:25:08 GMT
server: cloudflare
age: 26094
etag: W/"5b641f74-91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b39972fa45a1e-VIE
access-control-allow-origin: *

GET
H2 200 dg4g_p78rroaKl8kRKo1n7sNTigkiy0.woff2
fonts.gstatic.com/s/yesteryear/v8/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yesteryear/v8/dg4g_p78rroaKl8kRKo1n7sNTigkiy0.woff2

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b12161238d1fd7aa4d642d243b5dda146907ea70d32bcd973c5fa571fa46ae7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Yesteryear&display=swap
Origin: https://nordvpn.com

Response headers

date: Sat, 14 Dec 2019 11:57:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:48:02 GMT
server: sffe
age: 285492
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 22756
x-xss-protection: 0
expires: Sun, 13 Dec 2020 11:57:06 GMT

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 191 B
363 B 144ms
144ms XHR
application/json 104.18.230.229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.230.229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc110e47c20b084ac1d29f5cfc5f30b5e0e37ca31cedfde29026d4e2e922689d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: */*
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
x-generator: front-eu-web-2
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 546b3997aef26a23-LHR
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 368 B
280 B 146ms
146ms XHR
application/json 104.18.230.229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?resolution=1585&currentUrl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&action=pop_get_relative_popup

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.230.229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

29f20ffd765965f56df2d6a78647144f5c4f9e46c5b67c3ab65705469ae7fd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
x-generator: front-eu-web-4
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 546b3997aef36a23-LHR
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 success.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/ 209 B
217 B 54ms
26ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/success.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df02cbb8-VIE

GET
H2 200 checkbox-tick.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/ 176 B
195 B 97ms
69ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df17cbb8-VIE

GET
H2 200 checkbox-tick.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/ 176 B
194 B 55ms
28ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997ef61cbb8-VIE

GET
H2 200 checkbox-tick.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/ 176 B
208 B 51ms
25ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df08cbb8-VIE

GET
H2 200 lock.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 286 B
256 B 52ms
26ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/lock.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10481ae6bb8b6b59e857506fbbf2e96ce0e20f54725a58528168ddd6694ac81f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-11e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df0ccbb8-VIE

GET
H2 200 multiple-devices.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 344 B
267 B 53ms
27ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/multiple-devices.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c895b61f1f7fb93a2d65c30ffd4ada8dd5ea0f393b2956751fa54e238827ca9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df07cbb8-VIE

GET
H2 200 globe.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 892 B
562 B 51ms
25ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/globe.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f1263d2a05584e2114338f686805fb5c714e7dcf8c10d10b59b2080c8029e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-37c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df19cbb8-VIE

GET
H2 200 success.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 225 B
231 B 59ms
34ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/success.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5349b6daaeb8431fcf48a366272d5729935b3311b07396b41ed07ce8e0b6f4af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df16cbb8-VIE

GET
H2 200 lock.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 286 B
242 B 52ms
27ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/lock.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10481ae6bb8b6b59e857506fbbf2e96ce0e20f54725a58528168ddd6694ac81f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-11e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df10cbb8-VIE

GET
H2 200 play.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 345 B
303 B 48ms
24ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/play.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c758cdbdcc2966a525df71b19e4c05eccba65b7c0776a1e32efa34ebf8117b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df0dcbb8-VIE

GET
H2 200 globe.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 892 B
547 B 52ms
27ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/globe.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f1263d2a05584e2114338f686805fb5c714e7dcf8c10d10b59b2080c8029e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-37c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df12cbb8-VIE

GET
H2 200 eye-disabled.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 824 B
527 B 58ms
33ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/eye-disabled.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7dda2090caf41000364180644ae481c0b3174e7a8004d94de79a8e6dc394ad1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997ef63cbb8-VIE

GET
H2 200 live-chat.svg Show response
s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/ 280 B
593 B 47ms
23ms XHR
image/svg+xml 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/global/icons/32/live-chat.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

845176754a70e3db8a1a80f45d2707584ff2e71c203ef322802d37544e3d6898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: br
status: 200
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 15:34:18 GMT
server: cloudflare
age: 25859
x-frame-options: SAMEORIGIN
etag: W/"5df10c7a-118"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 546b3997df15cbb8-VIE

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1307003131&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_gid=1805789056.1576610118&gjid=1388184689&_v=j79&z=242798171
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_v=j79&z=242798171
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_v=j79&z=242798171&slf_rd=1&random=1917692686

42 B
109 B

30ms
30ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_v=j79&z=242798171&slf_rd=1&random=1917692686

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=1933337883&_v=j79&z=242798171&slf_rd=1&random=1917692686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 47ms
47ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: btpnative.com
URL: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 9285EE973D9A48B780BE1D70D61A2A85 Ref B: VIEEDGE0418 Ref C: 2019-12-17T19:15:18Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H/1.1 200
OK tv2track.js Show response
collector-3215.tvsquared.com/ 20 KB
9 KB 182ms
37ms Script
application/javascript 34.248.147.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-3215.tvsquared.com/tv2track.js
Requested by: Host: btpnative.com
URL: http://btpnative.com/click?data=ZVQ2Unk5VXF5NnVjU0Z4UWtXWkt6a0daMTdjTHZRTGItazZjWmlZWUJucjVZMFZFMXRMd1d0MnRaVnE5cERsTWNqSC1fSEZFVk42cXprckIyZ2JpTGpvdW44X1NmNVl1Z2p2bHJGbHVyWmhlVlg5eHpkUDJfeWVmbmp3YUw0LWpjM21DQmRDVzQwb3BlZFlzek9zQ1lBMg2&id=955c8c99-e328-46fe-8a98-a44eafd3993d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.147.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-248-147-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0a9aa75388f20120607c9ca759ff9be8076260ee661c01ca367dada52c8f36a0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 19:15:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Mar 2019 11:09:36 GMT
Server: nginx
ETag: "5c8a3670-2113"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8467
Expires: Tue, 17 Dec 2019 19:25:18 GMT

GET
H2 200 hero-christmas-tree.jpg
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/ 179 KB
179 KB 26ms
25ms Image
image/jpeg 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/special/christmas-2019/hero-christmas-tree.jpg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b04d1a18fb053f6ca2356fe92974cd8350d7526c876af29c7f8e041bf3730b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 26033
status: 200
content-length: 183127
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-2cb57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3997e8285a1e-VIE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/ 4 KB
2 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/?random=1576610118385&cv=9&fst=1576610118385&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&ref=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2B&tiba=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f5511b575c66aa641e2ba21ade04aafbffcbbfdf076b7c4d6e95bc1f38d28573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1471
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 196ms
143ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o28e0&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Tue, 17 Dec 2019 19:15:18 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 07f7ca4c877d90698441be05c82dfd43
x-transaction: 00856e5800d7c098
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/950534254/ 42 B
151 B 44ms
43ms Image
image/gif 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950534254/?random=1576610118385&cv=9&fst=1576609200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&ref=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2B&tiba=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&async=1&fmt=3&is_vtc=1&random=2198601440&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/950534254/ 42 B
110 B 24ms
24ms Image
image/gif 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/950534254/?random=1576610118385&cv=9&fst=1576609200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&ref=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2B&tiba=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&async=1&fmt=3&is_vtc=1&random=2198601440&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
171 B 1365ms
1365ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5060812&Ver=2&mid=ba27fec9-0364-f197-2513-ac5518c8ffbf&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&p=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&r=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&lt=1596&evt=pageLoad&msclkid=N&rn=6560
Requested by: Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 17 Dec 2019 19:15:19 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6BE2E76B82094380B246CE60A1E453E2 Ref B: VIEEDGE0418 Ref C: 2019-12-17T19:15:18Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 desktop-app-female-street.jpg
s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/ 45 KB
45 KB 22ms
21ms Image
image/jpeg 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.259.0/images/campaigns/default-special/desktop-app-female-street.jpg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a00bdbbde0847fa0912fdf19cff971fbb08efd77d141c0c6bb32e77502e21a46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:18 GMT
cf-cache-status: HIT
age: 25859
status: 200
content-length: 45837
last-modified: Wed, 11 Dec 2019 15:34:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5df10c78-b30d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 546b3998c8b25a1e-VIE

GET
H/1.1 200
OK tv2track.php
collector-3215.tvsquared.com/ 43 B
371 B 47ms
46ms Image
image/gif 34.248.147.20
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-3215.tvsquared.com/tv2track.php?action_name=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&idsite=TV-63728145-1&rec=1&r=829113&h=20&m=15&s=18&url=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&urlref=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&_id=ebd3bb08512bbda0&_idts=1576610119&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=114
Requested by: Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.147.20 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-248-147-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 19:15:18 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP='OTI DSP COR NID STP UNI OTPa OUR'

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
935 B 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2698
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 17 Dec 2019 19:30:21 GMT

GET
H2 200 woff2.css
s1.nordcdn.com/nordvpn/media/1.23.0/fonts/gordita/ 158 KB
119 KB 21ms
21ms Stylesheet
text/css 2606:4700::6811:a71e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.23.0/fonts/gordita/woff2.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03be3950cd1b3a16ee9906ecf17cf12364bdee4c9588961ac0347f52e1ed6669

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Aug 2018 12:17:24 GMT
server: cloudflare
age: 15503
x-frame-options: SAMEORIGIN
etag: W/"5b61a4d4-2779e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=16070400, immutable
cf-ray: 546b39a0cfd05a1e-VIE
access-control-allow-origin: *

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
634 B 199ms
145ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o28e0&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 19:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Tue, 17 Dec 2019 19:15:19 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 073b47d07928224f81190be369b75947
x-transaction: 00afcfe000fa73f7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1307003131&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaig...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_gid=1805789056.1576610118&gjid=1932358206&_v=j79&z=1077921590
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_v=j79&z=1077921590
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_v=j79&z=1077921590&slf_rd=1&random=2076051851

42 B
109 B

55ms
55ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_v=j79&z=1077921590&slf_rd=1&random=2076051851

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 19:15:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-1&cid=1540730887.1576610118&jid=744310541&_v=j79&z=1077921590&slf_rd=1&random=2076051851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 8ms
8ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1307003131&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&dr=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&ul=en-us&de=UTF-8&dt=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=GBP&ev=0&_u=aGDACUIrR~&jid=&gjid=&cid=1540730887.1576610118&tid=UA-42858496-1&_gid=1805789056.1576610118&z=725284328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 05:30:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2382283
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
7ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1307003131&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&dr=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&ul=en-us&de=UTF-8&dt=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20StickyHeader&ev=0&_u=aGDACUIrR~&jid=&gjid=&cid=1540730887.1576610118&tid=UA-42858496-1&_gid=1805789056.1576610118&z=358933475

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 05:30:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2382283
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1307003131&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3D8502%26utm_campaign%3Doff18%26utm_source%3Daff3929&dr=https%3A%2F%2Fwww.givemethisoffer.com%2Fwim%2Fstatic%2Fwi%2Fmain3.html%3Ftp%3Diw%26cid%3D8502%26v%3D23%26gnum%3D6%26clickid%3D77491682921%26cachecode%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26q%3Dittvpro.com%2BMT%2BComputers%2B%2Bmixing%2BStandardized%2B%2526%2BAdmissions%2BTests%2BHomeschooling%2B%2BEducation%2B%2BElectronics%2B%2Bgraphics%2BTraining%2B%2526%2BCertification%2Bmyvpro.com%2BDistance%2BLearning%2B%2Baudio%2Bprocessing%2BPrimary%2B%2526%2BSecondary%2BSchooling%2B%2528K-12%2529%2Bdigital%2Bmedia%2BTeaching%2B%2526%2BClassroom%2BResources%2BColleges%2B%2526%2BUniversities%2BJobs%2BSoftware%2BVocational%2B%2526%2BContinuing%2BEducation%26dkw%3Dittvpro.com%26g%3DGB%26cc2%3Dm4zhRsUZJplUdh%252BVRhhOtg%253D%253D%253AZmVkY2JhOTg3NjU0MzIxMA%253D%253D%26geo%3DDE&ul=en-us&de=UTF-8&dt=Get%203%20months%20free%20with%20the%203-year%20NordVPN%20plan%20for%20%243.49%2Fmo.%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aGDACUIrR~&jid=&gjid=&cid=1540730887.1576610118&tid=UA-42858496-1&_gid=1805789056.1576610118&z=488896565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content=8502&utm_campaign=off18&utm_source=aff3929
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 05:30:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2382283
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16700299825af53dc7542965d18c168592f7fba26c499d27caad2ed18524977d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://nordvpn.com

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dc56987c77cc3936d6c8bd1e30d5cb73a914f1bd54dbf1e364ba7e289b54a26

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://nordvpn.com

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37003cb20372958078633e3eec7b1b0be522f2a1462842d8f36abb71151ebddc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://nordvpn.com

Response headers

Content-Type: font/woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nordvpn.com/	1970-01-19 23:28:02	Name: _tq_id.TV-63728145-1.2f26 Value: ebd3bb08512bbda0.1576610119.0.1576610119..
.nordvpn.com/	1970-01-19 06:40:02	Name: __cfduid Value: da9cc10dcdd9418127a84801a8fb88b751576610117
.nordvpn.com/	1970-01-19 08:06:26	Name: _gcl_au Value: 1.1.441152006.1576610118
.nordvpn.com/	1970-01-19 06:06:54	Name: nord_countdown Value: 1576644882364
.nordvpn.com/	1970-01-19 05:58:16	Name: _gid Value: GA1.2.1805789056.1576610118
.nordvpn.com/	1970-01-19 23:28:02	Name: _ga Value: GA1.2.1540730887.1576610118
.nordvpn.com/	1970-01-19 06:40:02	Name: aff_transaction_id Value: 1029e5ac54a9bd1a7d0b4fac8bb205
.nordvpn.com/	1970-01-19 10:18:54	Name: FirstSession Value: source%3Daff3929%26campaign%3Doff18%26medium%3Daffiliate%26term%3D%26content%3D8502%26hostname%3Dnordvpn.com%26pathname%3D/special/%26date%3D20191217
.nordvpn.com/	1970-01-19 10:18:54	Name: CurrentSession Value: source%3Daff3929%26campaign%3Doff18%26medium%3Daffiliate%26term%3D%26content%3D8502%26hostname%3Dnordvpn.com%26pathname%3D/special/%26date%3D20191217
.nordvpn.com/	1970-01-19 14:42:26	Name: locale Value: en
.nordvpn.com/	1970-01-19 06:40:02	Name: aff_id Value: 3929
.nordvpn.com/	1970-01-19 05:56:50	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.givemethisoffer.com/wim/static/dist/bundle.js(Line 1) Message: OfferManager: No chrome object

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

252.securefinds2.com
7lyonline.com
7proof.com
analytics.twitter.com
bat.bing.com
browser.sentry-cdn.com
btpnative.com
cdnjs.cloudflare.com
code.jquery.com
collector-3215.tvsquared.com
fonts.googleapis.com
fonts.gstatic.com
forwrdnow.com
gate.baseresults.com
go.nordvpn.net
googleads.g.doubleclick.net
ittvpro.com
nordvpn.com
s1.nordcdn.com
search.searchsafely.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
visit.nordvpn.com
www.cherami-cloud.com
www.givemeapplink.com
www.givemethisoffer.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.49.74
104.18.230.229
104.244.42.3
104.244.42.5
108.168.193.184
151.101.112.157
151.101.130.217
172.217.23.98
173.192.101.29
2001:4de0:ac19::1:b:2b
209.15.13.136
23.82.9.96
2606:4700:30::681b:828f
2606:4700:30::681b:907b
2606:4700:30::681f:5584
2606:4700:30::681f:5df0
2606:4700::6811:4004
2606:4700::6811:a71e
2620:1ec:c11::200
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2008
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c00::9c
34.248.147.20
34.98.97.120
5.79.79.211
54.171.39.37
03be3950cd1b3a16ee9906ecf17cf12364bdee4c9588961ac0347f52e1ed6669
04d20cbe817d733d3846f6ea01e84fe89e54ca5b1fdeef86ed7ac3d2f2c9afa9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07d228b722ed9ab3e8bad5143d666e3573dedf6c18ee4aaeeeb85bf965d36c6f
0a9aa75388f20120607c9ca759ff9be8076260ee661c01ca367dada52c8f36a0
0cd60219809d913eeb524476105957e109fbfd003b87bd629d1f396c96090946
10481ae6bb8b6b59e857506fbbf2e96ce0e20f54725a58528168ddd6694ac81f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16700299825af53dc7542965d18c168592f7fba26c499d27caad2ed18524977d
1b5aee94843076932d9cfa527f447f41306acdf650abf4e02527731e8119a639
2214bb8a67a3c90f321c15d30351460304b3b34d136d8f145e426654e1462d6f
27eaca4e58bac1e0db9307dbedb9a900b5b386c28f2d19678012acea4650c675
29f20ffd765965f56df2d6a78647144f5c4f9e46c5b67c3ab65705469ae7fd65
2b04d1a18fb053f6ca2356fe92974cd8350d7526c876af29c7f8e041bf3730b6
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
37003cb20372958078633e3eec7b1b0be522f2a1462842d8f36abb71151ebddc
4ce84507943fb6119ae9d538ab1ec50d8947741ffd72a6f13c945f30c727df0c
4f3349d876701633d974b9d69911cb220b4b0d6c8bebec6fd2f9fb06dbcec87e
52c758cdbdcc2966a525df71b19e4c05eccba65b7c0776a1e32efa34ebf8117b
5349b6daaeb8431fcf48a366272d5729935b3311b07396b41ed07ce8e0b6f4af
5377a44c6162a3493448b48cb356c7537273f3e96f64f2096d7b087ba390915c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a095be832d3f3aacf0405aa8616d63bfeaa395673b5c90f76ba5e994696a14
64064d5a5413c820e59c4a91284746fca8e1dee6225ef04f96a260ed5dbc614f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfc2c459eb7aad66b59333b5359a9f2eb16c7ea849c39c09fef3a0c1aecea
845176754a70e3db8a1a80f45d2707584ff2e71c203ef322802d37544e3d6898
86f2c89ef251ab652a4d01af8fdc998af9e829ec82174ba95e38a10cd680d0d5
8dc56987c77cc3936d6c8bd1e30d5cb73a914f1bd54dbf1e364ba7e289b54a26
9115a297775fa267ce6abfc6c6aa41194b8e6de17373e674bdbbad3015c2381a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a41a62859fd417ee3fa5a0b68c898eda3d88eb9f4299ef3336cc153b4f19c76
a00bdbbde0847fa0912fdf19cff971fbb08efd77d141c0c6bb32e77502e21a46
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
a33a80013bb48d80ed49d506258eded30de3202dc0faa75ca7de2add0b9872cf
a3c4a03f5ffb7184c92a0fc6c521c477d9dbce23b108f0b4510ca5882db4adee
a7d3b2ff5dcb5311ebf1212197c448cf31273b3a0cabadfd7cbd708bce4da761
aad13d707968aad24d7e80a2efc21eb15251640485b3ddbddb5417cd32cc832b
aba35a49aef38631a6364ebfb1ec765d7d3aa4640b1ea43706f0514ec6d2cf73
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b07e99ecb5e1b6b2f06343714c0d6da8a75bd6dd35d8d7f6bb7520a616fdc85b
b12161238d1fd7aa4d642d243b5dda146907ea70d32bcd973c5fa571fa46ae7a
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1abd2a0e736646c66d6c0faa0aaa47820d8a0f3b58317129417a77102f4103f
b36b6b8294047a1082b3f16dd18f422859c143135a8e47342d3f8f6e7bfd0bd4
bd7175f6d992e0832c0f39a8db7be18bc05be87ba3a5115f2603eb5c00ca33c4
c2cca14e4dbf2994f90b91ef01ec4d6eb6b560b429d028317d624d9b5f4bdcb0
c678726b3840e69053c105142e721cf70428b6127c6d50b3e2bc7ca5df5e47c5
c895b61f1f7fb93a2d65c30ffd4ada8dd5ea0f393b2956751fa54e238827ca9c
ce6e63494571117bfc843f6d8113679e7d4d0231f1e6f86e180e0f4dad216545
d0c23f4d409a58cbb346b4bcf769b3022ce8895a370dd8664c242b3296d19737
d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313
dab9e2e1add82849284b80d0cae0c19f74e8f1205c5b33a832d723a8dad0c5e1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc110e47c20b084ac1d29f5cfc5f30b5e0e37ca31cedfde29026d4e2e922689d
de5e3c0f209dfc228dc9a4866159a83d0dab403e77779407f1dc649938147da2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2f1263d2a05584e2114338f686805fb5c714e7dcf8c10d10b59b2080c8029e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64bca1eaf8541b64a5b8ead9994b4fb0437ceaa94fa547e6630834ddd34035c
e7dda2090caf41000364180644ae481c0b3174e7a8004d94de79a8e6dc394ad1
e9da8e5272e73a6c59036474aa9a12c1f59e704d2d2fede9f709c26eb1b6a720
eb1939d0033ddf929529d65c7f981bb1c13853969ea8f3d7ce9a934a3436171d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653
f5511b575c66aa641e2ba21ade04aafbffcbbfdf076b7c4d6e95bc1f38d28573
f606b1932ad972a840983b9099c2a48089f061d752a701ee214011489cd2c7da
f886f4bbefd564e1a34004df7c71c3a08fa29c0c8c28abe3082c117ee740ee75

nordvpn.com Open in urlscan Pro 104.18.230.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

99 %HTTPS

53 %IPv6

30 Domains

33 Subdomains

25 IPs

6 Countries

1219 kBTransfer

2515 kBSize

12 Cookies

5 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nordvpn.com Open in urlscan Pro
104.18.230.229 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

99 %
HTTPS

53 %
IPv6

30
Domains

33
Subdomains

25
IPs

6
Countries

1219 kB
Transfer

2515 kB
Size

12
Cookies

111 HTTP transactions
4 data transactions