nordvpn.com Open in urlscan Pro
104.19.159.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gonordvpn.xyz/
Effective URL:
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Submission Tags: @ecarlesi possiblethreat phishing nordvpn Search All
Submission: On August 15 via api (August 15th 2024, 9:09:24 am UTC) from IT — Scanned from IT

Summary HTTP 60 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 60 HTTP transactions. The main IP is 104.19.159.190, located in and belongs to CLOUDFLARENET, US. The main domain is nordvpn.com. The Cisco Umbrella rank of the primary domain is 12018.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 18th 2023. Valid for: a year.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.67.42.145 54.67.42.145	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.134.198 52.210.134.198	16509 (AMAZON-02) (AMAZON-02)
2 38	104.19.159.190 104.19.159.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:9b6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6810:9c6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2644:ce00:6:e337:e340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1 2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
60	9

1 54.67.42.145 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com

gonordvpn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.134.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-134-198.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.19.159.190 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9b6f (United States)

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:9c6f (United States)

ASN13335 (CLOUDFLARENET, US)

ic.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:ce00:6:e337:e340:93a1 (United States)

ASN16509 (AMAZON-02, US)

sb.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	nordvpn.com 2 redirects visit.nordvpn.com — Cisco Umbrella Rank: 621760 nordvpn.com — Cisco Umbrella Rank: 12018 d.nordvpn.com — Cisco Umbrella Rank: 252230 cm.nordvpn.com — Cisco Umbrella Rank: 300148	95 KB
17	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 147106 ic.nordcdn.com — Cisco Umbrella Rank: 397477 sb.nordcdn.com — Cisco Umbrella Rank: 210705	399 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	457 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 370	918 B
1	nordvpn.net 1 redirects go.nordvpn.net — Cisco Umbrella Rank: 327242	2 KB
1	gonordvpn.xyz 1 redirects gonordvpn.xyz	272 B
60	6

	Domain	Requested by
24	nordvpn.com	1 redirects nordvpn.com
11	ic.nordcdn.com	nordvpn.com
8	d.nordvpn.com	s1.nordcdn.com
5	cm.nordvpn.com	www.googletagmanager.com
5	www.googletagmanager.com	nordvpn.com www.googletagmanager.com
5	s1.nordcdn.com	nordvpn.com
2	ade.googlesyndication.com	1 redirects
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	sb.nordcdn.com	nordvpn.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
1	gonordvpn.xyz	1 redirects
60	12

This site contains links to these domains. Also see Links.

Domain
www.av-test.org
twitter.com
www.youtube.com
www.forbes.com
www.independent.co.uk
my.nordaccount.com

Subject Issuer	Validity	Valid
*.nordvpn.com AlphaSSL CA - SHA256 - G4	`2023-09-18` - `2024-10-19`	a year	crt.sh
*.nordcdn.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-03-13` - `2025-04-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
nordsecurity.bynder.com Amazon RSA 2048 M02	`2024-02-06` - `2025-03-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Frame ID: 5F09EACBBCED8C9583261CB463770F14
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Risparmia e ricevi 3 mesi extra | NordVPN

Page URL History Show full URLs

http://gonordvpn.xyz/ HTTP 307
https://gonordvpn.xyz/ HTTP 302
https://go.nordvpn.net/aff_c?offer_id=612&aff_id=53868 HTTP 302
https://visit.nordvpn.com/?offer_id=612&aff_id=53868&aff_transaction_id=1021e48d221515c5fdc4cdb60eb9b6... HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm... HTTP 302
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

60
Requests

98 %
HTTPS

40 %
IPv6

6
Domains

12
Subdomains

9
IPs

4
Countries

1055 kB
Transfer

2357 kB
Size

21
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.av-test.org/fileadmin/pdf/reports/AV-TEST_NordVPN_Comparative_Test_Report_September_2020.pdf
Title: il rapporto completo

Search URL Search Domain Scan URL

URL: https://twitter.com/Alch3m1s7/status/1639579744550133760/?s=20
Title: A|ch3m1st @Alch3m1s7 @NordVPN the new meshnet is mind-blowingly amazing piece of tech 🚀 , with unlimited bottomless use cases. God bless ya all! 🙌 12:47 PM · Mar 25, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/MrNathanCorliss/status/1636840377494933504/
Title: Nathan Corliss @MrNathanCorliss This is completely unsolicited praise, @NordVPN, is very helpful as an advertiser testing search ads, and as a work-anywhere person who needs to ensure I have a safe internet connection. Great value. So easy to use, I actually use it. Keep up the good work. 11:22 PM · Mar 17, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/PedroTheKiwi/status/1633502224721793024/
Title: Pedro @PedroTheKiwi I’ve been using NordVPN and their other products for the last 4 years. Absolutely outstanding product and service 10:25 AM · Mar 8, 2023

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=e4MrEMYNgiw&t=283s
Title: Guarda su YouTube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=jl3O7KO8VB8&t=280s
Title: Guarda su YouTube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=Yl8aKmuF2k4&t=3s
Title: Guarda su YouTube

Search URL Search Domain Scan URL

URL: https://www.forbes.com/advisor/business/software/best-vpn/
Title: Forbes Advisor

Search URL Search Domain Scan URL

URL: https://www.independent.co.uk/advisor/vpn/nordvpn-review/
Title: Independent Advisor

Search URL Search Domain Scan URL

URL: https://my.nordaccount.com/legal/terms-of-service/
Title: Termini di servizio

Search URL Search Domain Scan URL

URL: https://my.nordaccount.com/legal/cookie-policy/
Title: Informativa sui cookie

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gonordvpn.xyz/ HTTP 307
https://gonordvpn.xyz/ HTTP 302
https://go.nordvpn.net/aff_c?offer_id=612&aff_id=53868 HTTP 302
https://visit.nordvpn.com/?offer_id=612&aff_id=53868&aff_transaction_id=1021e48d221515c5fdc4cdb60eb9b6&source=&aff_sub=&params[ho_asub1]=&url={url}&url_id=533 HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868 HTTP 302
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48c0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868 HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CIjF85PT9ocDFXUfogMda34hFg;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48c0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
nordvpn.com/it/special/
Redirect Chain

http://gonordvpn.xyz/
https://gonordvpn.xyz/
https://go.nordvpn.net/aff_c?offer_id=612&aff_id=53868
https://visit.nordvpn.com/?offer_id=612&aff_id=53868&aff_transaction_id=1021e48d221515c5fdc4cdb60eb9b6&source=&aff_sub=&params[ho_asub1]=&url={url}&url_id=533
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

146 KB
33 KB

1110ms
1110ms

Document
text/html

104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6107d3e5cce54e587d1b4703edce637b3399dcee56abc12a773f16dfa4fed32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 8b380b6feba80e0f-MXP
content-encoding: br
content-type: text/html
date: Thu, 15 Aug 2024 09:09:15 GMT
last-modified: Wed, 14 Aug 2024 12:42:05 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b380b6f6a740e0f-MXP
content-length: 0
date: Thu, 15 Aug 2024 09:09:14 GMT
expires: 0
location: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 index.js Show response
s1.nordcdn.com/d/nordvpn/prod/ 16 KB
6 KB 114ms
44ms Script
application/javascript 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f391eb9a6623820668427d28cb122f776344c35bd5400e9e49d5d13c7e6d6bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 09:46:07 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 512223
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 8b380b7788794c39-MXP

GET
H2 200 index.js Show response
s1.nordcdn.com/d/consent/prod/ 128 KB
33 KB 115ms
45ms Script
application/javascript 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/index.js?isGdpr=true

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e454a702260ddc76c30af1f832c70fa99c80b9f3083d91136f7fa9aa27fc68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2024 08:36:20 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 512222
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 8b380b7788774c39-MXP

GET
H2 200 index.css
s1.nordcdn.com/d/consent/prod/ 8 KB
2 KB 112ms
43ms Stylesheet
text/css 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/index.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12cfa0eadf781e50f24dab93efc97bdbbd11984500209850461e010e558478e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2024 08:36:19 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 512223
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 8b380b7788714c39-MXP

GET
H3 200 _slug_.D9d8Xz-i.css
nordvpn.com/static/ 108 KB
19 KB 200ms
199ms Stylesheet
text/css 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/_slug_.D9d8Xz-i.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eca16bb1543f776b2cc6fba29c799e1dd13c00ecee7fd9c54b826f9882bf21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261587
etag: W/"66b9c5ed-1ae3f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=16070400
cf-ray: 8b380b771aa80e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 hoisted.FgP4boQP.js Show response
nordvpn.com/static/ 22 KB
8 KB 195ms
194ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/hoisted.FgP4boQP.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e2db14828fd64463f106c92e4d440b7ac27710c0770c61a039cda2a0ddd25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261587
etag: W/"66b9c5ed-5962"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b771aac0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H2 200 italy-coupons-6-months-xs.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/4387d67d9089def/original/ 76 KB
77 KB 138ms
67ms Image
image/avif 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/4387d67d9089def/original/italy-coupons-6-months-xs.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=xD0tmaRnT2uEgqbiswHJY7y3Z4hAaRcQdWj%2Bdzd0vCs%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9664e3f95b060b1669b0830ea4f5d29da993102ebb2ca362173841c4f4b1b997

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 43f52b151d7f370fd29eece1c460d312.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 78074
cf-resized: internal=ram/m q=0 n=0+140 c=0+0 v=2024.8.1 l=78074 f=false
last-modified: Wed, 14 Aug 2024 21:24:49 GMT
cf-bgj: imgq:70,h2pri
server: cloudflare
etag: "cfLj3rMpwmIfcpiJDeoyDMEFNnCvHN2RGDlYXWZjJbDQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8b380b778a80baaf-MXP

GET
H2 200 aranzulla-image.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/6491bed074eaf3f1/original/ 4 KB
4 KB 164ms
93ms Image
image/avif 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/6491bed074eaf3f1/original/aranzulla-image.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=097friF1pWYYXxY1FZ%2Bo51yL4jw%2FPPNGoG34w81t8sg%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9b84f3831b3fbe2dc492f557d514b1caed8d575f0b484d26ae0f9543b2578e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 9886a995a4cb6582b02075d6a33ca978.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 3955
cf-resized: internal=ram/m q=0 n=0+158 c=0+0 v=2024.8.1 l=3955 f=false
last-modified: Wed, 14 Aug 2024 20:20:39 GMT
cf-bgj: imgq:70,h2pri
server: cloudflare
etag: "cfvxnwlLRkF2jQNu0r9kDj1nGtCvHN2RGDlYXWZjJbDQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8b380b778a87baaf-MXP

GET
H2 200 aranzulla-logo.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/24776e8496786a9b/original/ 3 KB
3 KB 163ms
92ms Image
image/avif 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/24776e8496786a9b/original/aranzulla-logo.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=W0gmXijyjm2qywfU2raSk9a3i%2FboexYyxcTAWRAg1R4%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be71fba16305ef09fef342c1a16ede4e03b2e18baae1ea7d7108809fe67dc2bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 cdea1d7e104d9e9c60f81a60bab684e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 2865
cf-resized: internal=ok/h q=0 n=16+26 c=0+26 v=2024.8.1 l=2865 f=false
last-modified: Tue, 13 Aug 2024 09:39:40 GMT
cf-bgj: imgq:70,h2pri
server: cloudflare
etag: "cf9bsM79_LGNYfVhhLlyCfBxSJCvHN2RGDlYXWZjJbDQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8b380b778a86baaf-MXP

GET
H2 200 italy-coupons-banner-bg-xs.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/4d06b39c6ce30a13/original/ 1 KB
879 B 79ms
79ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/4d06b39c6ce30a13/original/italy-coupons-banner-bg-xs.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541e012fd5bd1706a19cf1988ed8763000c3d193d950e083ce952c53e96f144c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 607e6c551b82b220527c4223c1cb1d78.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 96425
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 06:22:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: a59267fe-7f1b-e67e-bc3b-e64bd8691a59
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b77db26baaf-MXP
x-amz-cf-id: mUGfCqV88e_UTJP7JwMmlQSZWa4BIHICLD0Tm8ycMzl9UznSupXIVw==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H2 200 threat-protection-secure-access-bubble-female-md.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/d642e7338b6a459/original/ 14 KB
6 KB 165ms
94ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/d642e7338b6a459/original/threat-protection-secure-access-bubble-female-md.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133d9660262505884ba3e7beb7b22543fdb3887633f59225c15ecb262f665e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 b2cad6abf512e2a0102db7f82b0bbb90.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 66383
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 14:42:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: 4bb14cb5-d8ad-1301-fe4c-83fb79b6e132
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b778a84baaf-MXP
x-amz-cf-id: HuxP6ylv3NeG44j-YbpRwn0Sqwt7fV0kGn069HVnLAGGaWolM5zjzw==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
100 KB 136ms
55ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5a0a21bd3911fb548f536e1e018755f7a895ee54d65f00ecabab4aa6a3a1227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 09:09:16 GMT

GET
H3 200 sendEvent.tfLlaSYr.js Show response
nordvpn.com/static/ 2 KB
1 KB 65ms
65ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/sendEvent.tfLlaSYr.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82bea9165b1a22b8c7eed4bc037aa37cc580c933b3d823f91dae447037c6517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-6c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cce0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 _sentry-release-injection-file.C1Fmc3Zv.js Show response
nordvpn.com/static/ 492 B
530 B 78ms
78ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/_sentry-release-injection-file.C1Fmc3Zv.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3437d5b9e982315aedfaef069a6aed818fb21e3393c2e06dacc6c95a7be279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-1ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cd20e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 sendTracyEvent.BolQs_Bu.js Show response
nordvpn.com/static/ 2 KB
2 KB 72ms
71ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/sendTracyEvent.BolQs_Bu.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa212310ada397a8a9857d60cd72c211ce86f0f59fd735abcbc29f6468483c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-989"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cd40e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 throttle.DCC5X6oA.js Show response
nordvpn.com/static/ 523 B
592 B 72ms
72ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/throttle.DCC5X6oA.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d52563029ccf3444cb3025f8b03c78b161743a6118e9a2e6413707cf439fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-20b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cd60e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 constants.fXIVYgbU.js Show response
nordvpn.com/static/ 540 B
604 B 61ms
61ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/constants.fXIVYgbU.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f4c31033aec673d00dfe179c2c8e07502284e040f676f1fb990ab034fe650ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-21c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cd80e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 getCookieValue.CAII_wCe.js Show response
nordvpn.com/static/ 746 B
730 B 70ms
69ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getCookieValue.CAII_wCe.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7df74d0fa6808e5e75b5428347478c5d0286592a859b819dd204a12f73640f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-2ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cda0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 getExperiments.BEVJwUUL.js Show response
nordvpn.com/static/ 559 B
606 B 82ms
81ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getExperiments.BEVJwUUL.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec81fa653a2d1042a6acbe27f2d8a508220492984ea60c3dce079066307661a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/hoisted.FgP4boQP.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-22f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b785cdc0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 Countdown.DYjV7Cdy.js Show response
nordvpn.com/static/ 2 KB
1 KB 66ms
66ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Countdown.DYjV7Cdy.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d4c13fee02ebb243f449d1638b5a69322c67d9dc2aab97dbbacf6a90e3162a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261587
etag: W/"66b9c5ed-8de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b788d200e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 client.CpZVz6UT.js Show response
nordvpn.com/static/ 1 KB
963 B 75ms
75ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/client.CpZVz6UT.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193b3b98a733e26cc312454ef13198d3290ff1bd0ec6ff6ed05b34bc12d5b505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-4c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b788d250e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 StatusBox.BOENDLx8.js Show response
nordvpn.com/static/ 7 KB
3 KB 67ms
67ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/StatusBox.BOENDLx8.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d39c913e6a0405271dda22b046bcbef7d694d55ddae32c87f489088d9d163b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-1a6c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b788d2b0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 TabsProvider.0Z4GBm22.js Show response
nordvpn.com/static/ 2 KB
1 KB 83ms
83ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/TabsProvider.0Z4GBm22.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c07d5fe2771f0ea4dabded5dc1494a8a55625ee5a8138a07d8bf9768394d373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-95b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b788d310e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H2 200 italy-coupons-6-months-xl.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/61468fcbe6eb039a/original/ 138 KB
139 KB 53ms
52ms Image
image/webp 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/61468fcbe6eb039a/original/italy-coupons-6-months-xl.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=WYMbCvhRK9ndlx1kslMUketXKb71QYp1pZklYSvkBZk%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88b485196040b854f9c9ec5f4cc3297a9bec7fb543eec541f3ec3e64086764f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 fea184b77c563e367c19bf00650cf190.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 141544
cf-resized: internal=ram/m q=0 n=0+152 c=0+0 v=2024.8.1 l=141544 f=false
last-modified: Tue, 13 Aug 2024 12:40:48 GMT
cf-bgj: imgq:71,h2pri
server: cloudflare
etag: "cfcoYJSHSla0mG_qFVkhPYSssKCvHN2RGDlYXWZjJbDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "image too large for AVIF"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8b380b78ac86baaf-MXP

GET
H2 200 nordvpn-default.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/1431cb1f1a5ca2c9/original/ 2 KB
1 KB 63ms
62ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/1431cb1f1a5ca2c9/original/nordvpn-default.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f28438681332b67561059131289f90d029016eec52cb8fc0f2a5b37ab7d08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 607e6c551b82b220527c4223c1cb1d78.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 57717
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 17:07:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: aaded48c-1769-35e2-326a-639cdd8a0430
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b78ac88baaf-MXP
x-amz-cf-id: J0I3GxjJ0pnHEbLnx1Nxc-cUx5JRRtBqYJbWdBN1oAbF_-dHUrIXCA==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H2 200 table-expressvpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/6a6a63c28e036c45/original/ 5 KB
3 KB 66ms
65ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/6a6a63c28e036c45/original/table-expressvpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71867ba089cf906c39bb6a75c67ee28a3f833ec3d4bb70d8e7208a47269286e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 4438d80ecceaff2bd58c75a723959ddc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 88246
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 08:38:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: ab072d76-c2f0-9c24-71cf-7b658f5e01a6
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b78ac89baaf-MXP
x-amz-cf-id: 543opTcF6jZbD6Swde67H9Ml3XtMAi0UKxKCL2vxO4CUypOHFWqBIA==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H2 200 table-privatevpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/5581e5a9bfc2b47a/original/ 11 KB
8 KB 93ms
93ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/5581e5a9bfc2b47a/original/table-privatevpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d73d6b245a7f0b3f6c0c540b39d7cb75094e1b930984d23a1982709c5f5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 2d79ad1754df559bcdb8cc1ffa8e62f6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 88246
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 08:38:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: 2a928b38-9c70-e1bd-df25-a84c750f0a6f
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b78ac8bbaaf-MXP
x-amz-cf-id: 2LYgarj2PmAFfdsQrl-wbpG925fmUvNcaD1axDjPZMEevUGTrMMk0A==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H2 200 table-protonvpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/181e90885a5e30d7/original/ 6 KB
3 KB 71ms
70ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/181e90885a5e30d7/original/table-protonvpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d392f9691ae4316fa5b8f7fbe9fa46f46d5854472cfc87ec4c265d348f47b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 613c377266b5c8c7d5a859aea0e6eaca.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 88246
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 08:38:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: 3f2db1f3-e1cc-53a3-e52d-4e85dc8cb301
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b78ac8cbaaf-MXP
x-amz-cf-id: 4rHphGsqKgXLcloMHT_NALO5KeRYp4chRYd6b4c7Oc9FIawe0o9vlg==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H2 200 table-purevpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/30228f737077932d/original/ 9 KB
4 KB 61ms
60ms Image
image/svg+xml 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/30228f737077932d/original/table-purevpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8e24310b0e306003276b69c77726f8c30d61ab75bc1cac841e36e999c43bb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 cb210b32cb63accb1dee8d789e368c9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 88246
x-amz-cf-pop: MXP53-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Aug 2024 08:38:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: 6cc2f2c1-9da3-013f-4e9b-5c526b12022d
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8b380b78ac8ebaaf-MXP
x-amz-cf-id: diBzP4JK-WvJzubGzX4qOsoBDa2IlEO72-Wzc_sqgvRest6gVCA6cw==
expires: Sat, 17 Aug 2024 09:09:16 GMT

GET
H3 200 StatusBar.DXNtca6o.js Show response
nordvpn.com/static/ 3 KB
2 KB 62ms
62ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/StatusBar.DXNtca6o.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85af712ef86440eb273cf9d88b0a1e72c611736cab32be8981e82ba210eeaf5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-d73"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b78cddc0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

OPTIONS
H3 204 cc
d.nordvpn.com/1/ 0
0 203ms
153ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b380b792ff1baa0-MXP
content-length: 0
date: Thu, 15 Aug 2024 09:09:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

POST
H3 202 cc
d.nordvpn.com/1/ 0
337 B 213ms
169ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-allow-credentials: true
cf-ray: 8b380b7a69df0e8d-MXP
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: 3286ee1b6c11d870800163d3b3a25101

GET
H2 200 en-woff2 Show response
sb.nordcdn.com/m/1f322001e9afbdc5/original/ 139 KB
106 KB 135ms
40ms XHR
text/css 2600:9000:2644:ce00:6:e337:e340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sb.nordcdn.com/m/1f322001e9afbdc5/original/en-woff2

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/hoisted.FgP4boQP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:ce00:6:e337:e340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 08:36:32 GMT
content-encoding: gzip
via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P6
age: 88364
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: attachment;filename="en-woff2.css"
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: text/css
access-control-allow-origin: *
x-api-correlation-id: e81ba8ab-143d-9bc5-b51d-15bf93e72048
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: MvtXFXSJulq6iksvavpqL12dDY_dCqvo4auWKWwqPEb72y_GhmomCw==

GET
H3 200 web.CwEVFIm5.js Show response
nordvpn.com/static/ 22 KB
9 KB 97ms
97ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/web.CwEVFIm5.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925224f0431cc7070f4cd7a33fcf3f804a7b757e5be54657ab00aac3ce382b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/Countdown.DYjV7Cdy.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-5698"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b78fe370e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 BPP2V2OU.CnZ6TvhK.js Show response
nordvpn.com/static/ 6 KB
3 KB 74ms
73ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/BPP2V2OU.CnZ6TvhK.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c7b720ff28d73f3a1ee33da3e724229cb583ac9f330b6378295818cd7c2062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/StatusBox.BOENDLx8.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-19bf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b78fe3a0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

OPTIONS
H3 204 cc
d.nordvpn.com/1/ 0
0 144ms
144ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b380b795838baa0-MXP
content-length: 0
date: Thu, 15 Aug 2024 09:09:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

OPTIONS
H3 204 cc
d.nordvpn.com/1/ 0
0 337ms
336ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b380b79583dbaa0-MXP
content-length: 0
date: Thu, 15 Aug 2024 09:09:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
113 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3cd5e9b5c4d3f95f215d799a05aea1f9ba3da9e0c5c002df89827c1316ef788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 09:09:16 GMT

POST
H3 202 cc
d.nordvpn.com/1/ 0
374 B 197ms
167ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-allow-credentials: true
cf-ray: 8b380b7a69da0e8d-MXP
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: 3ab9239b5720c5770a081a2d3db35a20

POST
H3 202 cc
d.nordvpn.com/1/ 0
337 B 170ms
168ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-allow-credentials: true
cf-ray: 8b380b7b7ba10e8d-MXP
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: 8053e53fa174db23ac9a27c22ca13826

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 231ms
222ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je48c0v874252800za200&_p=1723712956352&gcs=G101&gcd=13p3tPp2p7&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1196262547.1723712956&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1723712956&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&en=scroll&_fv=1&_nsi=1&_ss=2&_ee=1&ep.consent_ver=v2gdpr&ep.cf_country=IT&ep.experiment=rOxpP.1&ep.product=nordvpn&ep.version=nordvpn-main%400.133.3&ep.page_lang=IT&ep.section_id=01&ep.section_name=Header&tfd=3040

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b380b798f3a0e0f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 Link.DyvSCa7o.js Show response
nordvpn.com/static/ 4 KB
2 KB 74ms
73ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Link.DyvSCa7o.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8544b01dde7de0bfc1dfad5cb1a9f3a9d3c4b787c3c6d3f1c04aab125fec0f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/StatusBar.DXNtca6o.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-e65"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b79bf9b0e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 Text.ByJxcsZc.js Show response
nordvpn.com/static/ 1 KB
891 B 79ms
78ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Text.ByJxcsZc.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee22c4618b120f0c9e80835ca44efafdb23e54930dbf38f8af686c5b314314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/StatusBar.DXNtca6o.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-5cd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b79bfa00e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 Tooltip.BHm6a_0b.js Show response
nordvpn.com/static/ 2 KB
1 KB 76ms
75ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Tooltip.BHm6a_0b.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a092e189478e9a85b1cd677fb41af7812dcb9d47d2c3208cc9eb631a9140498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/StatusBar.DXNtca6o.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-934"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b79bfa30e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 buildGAExtraAttributes.DhAXmThd.js Show response
nordvpn.com/static/ 1 KB
1 KB 58ms
58ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/buildGAExtraAttributes.DhAXmThd.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c84ce135930aec7b1d50202eb8551190e738dc7a26538a52d4bbf928eec1be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/static/StatusBar.DXNtca6o.js
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 08:21:01 GMT
server: cloudflare
age: 261586
etag: W/"66b9c5ed-5bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 8b380b79bfa60e0f-MXP
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Feb 2025 09:09:16 GMT

GET
H3 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 292 B
558 B 171ms
171ms Fetch
application/json 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/StatusBox.BOENDLx8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02af023a057ebdafd29e0370fab411f08f4c871e6b7dbc56db1239540284b86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-eu-web-6
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 8b380b79bfb00e0f-MXP
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 202 cc
d.nordvpn.com/1/ 0
338 B 176ms
175ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-allow-credentials: true
cf-ray: 8b380b7a79f10e8d-MXP
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: ad0489a30aa49a0d8087849711a13626

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 161ms
72ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13p3t3p2p5&tag_exp=0&rnd=191906579.1723712957&url=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F&dma_cps=-&dma=1&npa=1&gtm=45He48c0n71WX5CH8v6894354za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 09:09:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 54ms
54ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-950534254&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ea0230e49f71f1d6701309cd7dda300dc34fbeac59b6e539bb9c46a059db8947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 09:09:16 GMT

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 33 KB
33 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4

Request headers

Referer
Origin: https://nordvpn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 44ms
44ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-386034582&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c0e4ec24675cea2a3d4e8e611d5dfbbdf8a8cbb192f5f9a8fb382dde367500fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 09:09:16 GMT

GET
H3 200 collect
cm.nordvpn.com/ 0
136 B 376ms
376ms Image
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?ev=pv&pu=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868&pp=%2Fit%2Fspecial%2F&pr=&pt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&dc=desktop&gtmcb=346831662

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b380b7a99660e0f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 360ms
359ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je48c0v874252800za200&_p=1723712956352&gcs=G101&gcd=13p3tPp2p7&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1196262547.1723712956&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1723712956&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&_s=2&tfd=3239

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b380b7ab9890e0f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 57ms
57ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12123059&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6d8fc6e7622d7b4fe86b3ff7c9f95020a3cb3c710fbcdcf466a3991cd9d951c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 09:09:16 GMT

GET
H3 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 292 B
558 B 146ms
145ms Fetch
application/json 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/StatusBar.DXNtca6o.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02af023a057ebdafd29e0370fab411f08f4c871e6b7dbc56db1239540284b86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://nordvpn.com/it/special/?utm_medium=affiliate&utm_term=&utm_content=&utm_campaign=off612&utm_source=aff53868
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-eu-web-5
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 8b380b7ad9ca0e0f-MXP
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 favicon-32x32.svg
s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/ 391 B
413 B 40ms
39ms Other
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/favicon-32x32.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f07ae41649f6aee6b4bfe6828ec64649140ac86dfa6c489df17444c0b8d8459

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Mar 2024 14:28:11 GMT
server: cloudflare
age: 20593
etag: W/"66042cfb-187"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8b380b7add654c39-MXP

GET
H2 200 favicon-32x32.ico
s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/ 41 KB
2 KB 38ms
38ms Other
image/x-icon 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2234.0/images/global/favicon/favicon-32x32.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76fb3f4294c214670a9e8b8c98ebd45052a3943464856b63814c8010f609b77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Mar 2024 14:28:11 GMT
server: cloudflare
age: 21873
etag: W/"66042cfb-a2be"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8b380b7b2dd64c39-MXP

GET
H2

200

src=12123059;dc_pre=CIjF85PT9ocDFXUfogMda34hFg;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48c0v9181811535z86894354za201z...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48c0v9181811535z8...
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CIjF85PT9ocDFXUfogMda34hFg;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...

42 B
118 B

70ms
69ms

Image
image/gif

216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CIjF85PT9ocDFXUfogMda34hFg;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48c0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868?

Protocol

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 09:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Aug 2024 09:09:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CIjF85PT9ocDFXUfogMda34hFg;type=retar0;cat=purea0;ord=5665012974244;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48c0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 387ms
385ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je48c0v874252800z86894354za200&_p=1723712956352&gcs=G101&gcd=13p3tPp2p7&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1196262547.1723712956&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1723712956&sct=1&seg=1&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&_s=3&tfd=3414

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 15 Aug 2024 09:09:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b380b7bcbbc0e0f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 202 cc
d.nordvpn.com/1/ 0
338 B 186ms
184ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 15 Aug 2024 09:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-allow-credentials: true
cf-ray: 8b380b7bdc6c0e8d-MXP
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: 86fa99f7d3ce5e0b885135271347a8b8

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 204ms
204ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je48c0v874252800za200&_p=1723712956352&gcs=G101&gcd=13p3tPp2p7&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1196262547.1723712956&ul=it-it&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=4&sid=1723712956&sct=1&seg=1&dl=https%3A%2F%2Fnordvpn.com%2Fit%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%3D%26utm_campaign%3Doff612%26utm_source%3Daff53868&dt=Risparmia%20e%20ricevi%203%20mesi%20extra%20%7C%20NordVPN&en=status_bar_loaded&_ee=1&ep.consent_ver=v2gdpr&ep.cf_country=IT&ep.experiment=rOxpP.1&ep.product=nordvpn&ep.version=nordvpn-main%400.133.3&ep.page_lang=IT&ep.status=unprotected&_et=170&tfd=8414

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 09:09:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b380b9b08350e0f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.nordvpn.net/	1970-01-21 08:24:32	Name: enc_aff_session_612 Value: ENC034e8d4e85601eca189658bad06614ade2be2878ce7f5299ea5527a604bf0a663df98880c20f5811e2549be9175e575f7ce21cb7bea9fb81996462b97ba9106f8936040fb23464babfcd31bb9478aabd82ba005ee63a64d06e5ab196bc913a46be8ba475e06b24733c1bb9c748019741a3e891947ea5ca5e69a22b95901e3e01501520b236
go.nordvpn.net/	1970-01-21 08:24:32	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjciLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJpdC1JVCxpdDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.nordvpn.com/	1970-01-20 23:31:44	Name: aff_id Value: 53868
.nordvpn.com/	1970-01-20 23:31:44	Name: aff_transaction_id Value: 1021e48d221515c5fdc4cdb60eb9b6
.nordvpn.com/	1970-01-20 23:31:44	Name: nordvpn_aff_id Value: 53868
.nordvpn.com/	1970-01-20 23:31:44	Name: nordvpn_aff_transaction_id Value: 1021e48d221515c5fdc4cdb60eb9b6
.nordvpn.com/	1970-01-20 22:48:34	Name: __cf_bm Value: qQl7mkK1rsalXWKqvPlXwH3smp5BBivXtPzquw337Sg-1723712954-1.0.1.1-zM9kYzWfUiiwBcx2IbwIhmjzJp2wa0bp9o7SDYlixnLlNMqNuOUFsFTCMWrIzJCTMCdYnpodLDYSRZwFVMyPzz9cfDIMt.069oaBaLqpmuQ
.nordvpn.com/	1970-01-21 00:58:08	Name: experiment_local Value: rOxpP.1
.nordvpn.com/	1970-01-21 07:34:08	Name: locale Value: it
.nordvpn.com/	1970-01-21 08:24:32	Name: nc Value: 1723747719920
.nordvpn.com/	1970-01-21 08:24:32	Name: nci Value: 26
.nordvpn.com/	1970-01-21 08:24:32	Name: nv_tri Value: TC_45318412263738517_1723712956127
.nordvpn.com/	1970-01-21 08:24:32	Name: consent Value: ignored%2CES
.nordcdn.com/	1970-01-20 22:48:34	Name: __cf_bm Value: 4gcCgxxw3gUqsMpUC7MN165a7PuBvxb4UlvFwukpgVk-1723712956-1.0.1.1-jEFsWqRK022qY3HOfVp8lmShyU0ERULCowQRxgkrbKz4BqS22_tMBNRaXv2fCXLGfa2FJvXMvzRr4bNdcqRbeg
.nordvpn.com/	1970-01-21 08:24:32	Name: _ga Value: GA1.1.1196262547.1723712956
.nordvpn.com/	1970-01-20 22:58:37	Name: font-css-en Value: true
.nordvpn.com/	1970-01-20 23:31:44	Name: at Value: a
.nordvpn.com/	1970-01-21 03:10:37	Name: FirstSession Value: source%3Daff53868%26campaign%3Doff612%26medium%3Daffiliate%26term%3D%26content%3D%26hostname%3Dnordvpn.com%26date%3D20240815%26query%3Dnull
.nordvpn.com/	1970-01-21 03:10:37	Name: CurrentSession Value: source%3Daff53868%26campaign%3Doff612%26medium%3Daffiliate%26term%3D%26content%3D%26hostname%3Dnordvpn.com%26date%3D20240815%26query%3Dnull
.nordvpn.com/	1970-01-21 08:24:32	Name: _ga_LEXMJ1N516 Value: GS1.1.1723712956.1.1.1723712956.0.0.0
.nordvpn.com/	1970-01-21 08:24:32	Name: nv_trs Value: 1723712956128_1723712956761_1_5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cm.nordvpn.com
d.nordvpn.com
go.nordvpn.net
gonordvpn.xyz
ic.nordcdn.com
nordvpn.com
pagead2.googlesyndication.com
s1.nordcdn.com
sb.nordcdn.com
visit.nordvpn.com
www.googletagmanager.com
104.19.159.190
142.250.186.104
172.217.23.98
216.58.206.66
2600:9000:2644:ce00:6:e337:e340:93a1
2606:4700::6810:9b6f
2606:4700::6810:9c6f
2a00:1450:4001:81d::2008
52.210.134.198
54.67.42.145
02af023a057ebdafd29e0370fab411f08f4c871e6b7dbc56db1239540284b86b
0f07ae41649f6aee6b4bfe6828ec64649140ac86dfa6c489df17444c0b8d8459
12cfa0eadf781e50f24dab93efc97bdbbd11984500209850461e010e558478e0
133d9660262505884ba3e7beb7b22543fdb3887633f59225c15ecb262f665e70
1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37
193b3b98a733e26cc312454ef13198d3290ff1bd0ec6ff6ed05b34bc12d5b505
23e2db14828fd64463f106c92e4d440b7ac27710c0770c61a039cda2a0ddd25e
3c07d5fe2771f0ea4dabded5dc1494a8a55625ee5a8138a07d8bf9768394d373
3e454a702260ddc76c30af1f832c70fa99c80b9f3083d91136f7fa9aa27fc68b
3f4c31033aec673d00dfe179c2c8e07502284e040f676f1fb990ab034fe650ff
428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4
44d73d6b245a7f0b3f6c0c540b39d7cb75094e1b930984d23a1982709c5f5d57
4d392f9691ae4316fa5b8f7fbe9fa46f46d5854472cfc87ec4c265d348f47b78
4eca16bb1543f776b2cc6fba29c799e1dd13c00ecee7fd9c54b826f9882bf21c
541e012fd5bd1706a19cf1988ed8763000c3d193d950e083ce952c53e96f144c
58c7b720ff28d73f3a1ee33da3e724229cb583ac9f330b6378295818cd7c2062
5d39c913e6a0405271dda22b046bcbef7d694d55ddae32c87f489088d9d163b4
5e9b84f3831b3fbe2dc492f557d514b1caed8d575f0b484d26ae0f9543b2578e
6107d3e5cce54e587d1b4703edce637b3399dcee56abc12a773f16dfa4fed32e
6a092e189478e9a85b1cd677fb41af7812dcb9d47d2c3208cc9eb631a9140498
6d8fc6e7622d7b4fe86b3ff7c9f95020a3cb3c710fbcdcf466a3991cd9d951c8
71867ba089cf906c39bb6a75c67ee28a3f833ec3d4bb70d8e7208a47269286e7
75f28438681332b67561059131289f90d029016eec52cb8fc0f2a5b37ab7d08c
76fb3f4294c214670a9e8b8c98ebd45052a3943464856b63814c8010f609b77e
78d4c13fee02ebb243f449d1638b5a69322c67d9dc2aab97dbbacf6a90e3162a
7df74d0fa6808e5e75b5428347478c5d0286592a859b819dd204a12f73640f5d
8544b01dde7de0bfc1dfad5cb1a9f3a9d3c4b787c3c6d3f1c04aab125fec0f82
85af712ef86440eb273cf9d88b0a1e72c611736cab32be8981e82ba210eeaf5f
925224f0431cc7070f4cd7a33fcf3f804a7b757e5be54657ab00aac3ce382b78
9664e3f95b060b1669b0830ea4f5d29da993102ebb2ca362173841c4f4b1b997
9c84ce135930aec7b1d50202eb8551190e738dc7a26538a52d4bbf928eec1be7
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
9ee22c4618b120f0c9e80835ca44efafdb23e54930dbf38f8af686c5b314314d
a5a0a21bd3911fb548f536e1e018755f7a895ee54d65f00ecabab4aa6a3a1227
a6d52563029ccf3444cb3025f8b03c78b161743a6118e9a2e6413707cf439fce
b82bea9165b1a22b8c7eed4bc037aa37cc580c933b3d823f91dae447037c6517
be71fba16305ef09fef342c1a16ede4e03b2e18baae1ea7d7108809fe67dc2bf
c0e4ec24675cea2a3d4e8e611d5dfbbdf8a8cbb192f5f9a8fb382dde367500fa
c88b485196040b854f9c9ec5f4cc3297a9bec7fb543eec541f3ec3e64086764f
c8e24310b0e306003276b69c77726f8c30d61ab75bc1cac841e36e999c43bb0f
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd5e9b5c4d3f95f215d799a05aea1f9ba3da9e0c5c002df89827c1316ef788
ea0230e49f71f1d6701309cd7dda300dc34fbeac59b6e539bb9c46a059db8947
ec81fa653a2d1042a6acbe27f2d8a508220492984ea60c3dce079066307661a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f391eb9a6623820668427d28cb122f776344c35bd5400e9e49d5d13c7e6d6bb8
fa212310ada397a8a9857d60cd72c211ce86f0f59fd735abcbc29f6468483c04
ff3437d5b9e982315aedfaef069a6aed818fb21e3393c2e06dacc6c95a7be279

nordvpn.com Open in urlscan Pro 104.19.159.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

40 %IPv6

6 Domains

12 Subdomains

9 IPs

4 Countries

1055 kBTransfer

2357 kBSize

21 Cookies

11 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordvpn.com Open in urlscan Pro
104.19.159.190 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

40 %
IPv6

6
Domains

12
Subdomains

9
IPs

4
Countries

1055 kB
Transfer

2357 kB
Size

21
Cookies

60 HTTP transactions
3 data transactions