urlscan.io logo urlscan.io
SecurityTrails logo

cp.nordvpnteams.com Open in urlscan Pro
2606:4700:10::6816:e49  Public Scan

Go To Rescan Add Verdict Report
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Submission: On May 07 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 6 countries across 17 domains to perform 43 HTTP transactions. The main IP is 2606:4700:10::6816:e49, located in United States and belongs to CLOUDFLARENET, US. The main domain is cp.nordvpnteams.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 12th 2019. Valid for: 2 years.
This is the only time cp.nordvpnteams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    2606:4700:10::6816:e49 (United States)

ASN13335 (CLOUDFLARENET, US)
cp.nordvpnteams.com
cp-api.nordvpnteams.com
3    2606:4700::6811:a81e (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordcdn.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:26f0:eb:3b4::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
8    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress7
static.hotjar.com
vars.hotjar.com
2    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
1    147.75.84.39 (Parsippany, United States)

ASN54825 (PACKET, US)
script.hotjar.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    34.254.3.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-3-164.eu-west-1.compute.amazonaws.com
in.hotjar.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)
cx.atdmt.com
Domain Requested by
13 cp.nordvpnteams.com cp.nordvpnteams.com
8 www.google-analytics.com 1 redirects www.googletagmanager.com
cp.nordvpnteams.com
3 s1.nordcdn.com cp.nordvpnteams.com
2 www.facebook.com 1 redirects cp.nordvpnteams.com
2 px.ads.linkedin.com 1 redirects cp.nordvpnteams.com
2 www.google.de cp.nordvpnteams.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net cp.nordvpnteams.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
cp.nordvpnteams.com
2 cp-api.nordvpnteams.com cp.nordvpnteams.com
1 cx.atdmt.com
1 analytics.twitter.com static.ads-twitter.com
1 in.hotjar.com cp.nordvpnteams.com
1 vars.hotjar.com static.hotjar.com
1 t.co cp.nordvpnteams.com
1 script.hotjar.com static.hotjar.com
1 www.linkedin.com 1 redirects
1 static.hotjar.com cp.nordvpnteams.com
1 static.ads-twitter.com cp.nordvpnteams.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com cp.nordvpnteams.com
43 22

This site contains no links.

Subject Issuer Validity Valid
*.nordvpnteams.com
AlphaSSL CA - SHA256 - G2		 2019-07-12 -
2021-07-12		 2 years crt.sh
*.nordcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-14 -
2021-03-13		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.hotjar.com
Amazon		 2019-09-27 -
2020-10-27		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2020-04-19 -
2020-07-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Frame ID: DEFBA8F0C3F846D1A029F7DC058B6C6D
Requests: 46 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 161183147273CD491C62538604132759
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

43
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

22
Subdomains

18
IPs

6
Countries

1181 kB
Transfer

3331 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&gjid=359313773&_gid=969382119.1588849455&_u=YGBAgEAB~&z=1247329006 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&_v=j81&z=1247329006 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&_v=j81&z=1247329006&slf_rd=1&random=3944660890
Request Chain 21
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311548&url=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&time=1588849455109 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1311548%26url%3Dhttps%253A%252F%252Fcp.nordvpnteams.com%252Fmember-invite%252FzJLJATzdPrudRbQ%26time%3D1588849455109%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311548&url=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&time=1588849455109&liSync=true
Request Chain 30
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll&el=10&_u=aGDAAEAB~&jid=36956507&gjid=1089817311&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&_r=1&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.744%2B02%3A00&cd2=c5dacf92-e46f-4c3f-acc4-8cab7ac5e405&cd5=&cd3=1058028122.1588849455&z=446230882 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_gid=969382119.1588849455&gjid=1089817311&_v=j81&z=446230882 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_v=j81&z=446230882 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_v=j81&z=446230882&slf_rd=1&random=3929848241
Request Chain 38
  • https://www.facebook.com/tr/?id=831674323960846&ev=Microdata&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&rl=&if=false&ts=1588849456771&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NordVPN%20Teams%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1588849455248.1722330495&it=1588849455107&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=5793006985615643662&f=AYyJFwcv3U9cY5bN6ysiABpoQRGG9t84wIJItJDbp3v7fb1H65juHJrRnZfO8oXahAx3p-T3-kU2ufc9WnYCmMkV&id=831674323960846&l=3&v=0

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zJLJATzdPrudRbQ
cp.nordvpnteams.com/member-invite/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872298f170cfcd8a12c6688030a16398683a46e7698a3826454a03bb8c776e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cp.nordvpnteams.com
:scheme
https
:path
/member-invite/zJLJATzdPrudRbQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 07 May 2020 11:04:14 GMT
content-type
text/html
set-cookie
__cfduid=d4f2690c161ee032aa198f04e17bdfb411588849454; expires=Sat, 06-Jun-20 11:04:14 GMT; path=/; domain=.nordvpnteams.com; HttpOnly; SameSite=Lax FirstSession=source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26date%3D20200507; expires=Thu, 05 Nov 2020 11:04:14 GMT; path=/; domain=.nordvpnteams.com CurrentSession=source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26date%3D20200507; expires=Thu, 05 Nov 2020 11:04:14 GMT; path=/; domain=.nordvpnteams.com
cf-ray
58fa75814f84977e-FRA
cache-control
no-store, no-cache, must-revalidate
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
gzip
cf-request-id
029067c4ca0000977ec5a70200000001
vendors.6c1e01e3c0b1a229ea2d.css
cp.nordvpnteams.com/assets/2.15.2/ 		110 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/vendors.6c1e01e3c0b1a229ea2d.css
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae1e8f4af00fbed39439c9c4e30b5d0c24b41653b54d53b5ab4a3bf630b333e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
67166
status
200
cf-request-id
029067c6e00000977ec5ab2200000001
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
etag
W/"5ea80a27-1b99b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
public, max-age=86400
cf-ray
58fa75849c06977e-FRA
cf-bgj
h2pri
main.1cfc3550995522965626.css
cp.nordvpnteams.com/assets/2.15.2/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/main.1cfc3550995522965626.css
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c2c1224472685e776f92c11d5a66119ca6050630a25b36e1951ef8a0bbfd61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
67166
status
200
cf-request-id
029067c6e00000977ec5ab3200000001
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
etag
W/"5ea80a27-d11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
public, max-age=86400
cf-ray
58fa75849c09977e-FRA
cf-bgj
h2pri
vendors.bundle.b71fcd3e516348adc639.js
cp.nordvpnteams.com/assets/2.15.2/ 		1 MB
401 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b3712e8e0bb31c82e1e867fb481def6597a8434fc9a84dd5f1e30c95bdf389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
67166
etag
W/"5ea80a27-1480da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa75849c0a977e-FRA
cf-request-id
029067c6e00000977ec5ab4200000001
main.bundle.8a2f5b31bd5e4c48fb98.js
cp.nordvpnteams.com/assets/2.15.2/ 		151 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/main.bundle.8a2f5b31bd5e4c48fb98.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66391f73a8a4d9dc45dce977daae8e630c80db02c0beecd4090efcb5ace4179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
39171
etag
W/"5ea80a27-25acc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa75849c0b977e-FRA
cf-request-id
029067c6e00000977ec5ab5200000001
runtime.bundle.ab49fe31edf092c09d07.js
cp.nordvpnteams.com/assets/2.15.2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/runtime.bundle.ab49fe31edf092c09d07.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272b44c707c3ed98ab29f6bccddafb1362f6af718b17aee261a2e0f4fa836adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
40211
etag
W/"5ea80a27-22d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa75849c0d977e-FRA
cf-request-id
029067c6e00000977ec5ab6200000001
truncated
/ 		240 B
240 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://cp.nordvpnteams.com

Response headers

Content-Type
font/woff2
woff2.css
s1.nordcdn.com/nord/misc/0.4.0/common/fonts/gordita/ 		158 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nord/misc/0.4.0/common/fonts/gordita/woff2.css
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:a81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
37
status
200
cf-request-id
029067c79e000005f9d08a8200000001
last-modified
Tue, 10 Dec 2019 16:42:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
58fa7585ceca05f9-FRA
expires
Mon, 09 Nov 2020 11:04:15 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKL9JN4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca58ea0959e2cc80252b5a30a8f88e19e03b6ef7dd1d487f4b5b5f02b8051fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33004
x-xss-protection
0
last-modified
Thu, 07 May 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 May 2020 11:04:15 GMT
73.bundle.ea03af71708969b969f0.js
cp.nordvpnteams.com/assets/2.15.2/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/73.bundle.ea03af71708969b969f0.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/runtime.bundle.ab49fe31edf092c09d07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28b6b8215e5ce8f476b3ddf9afba4805fdc83f5d8b9e917fc3e60aef3545816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
14603
etag
W/"5ea80a27-565"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa7585cd71977e-FRA
cf-request-id
029067c79f0000977ec5acb200000001
logo.57bf905f.svg
cp.nordvpnteams.com/assets/2.15.2/static/media/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/static/media/logo.57bf905f.svg
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8349f6e59167692ca6aad6d8d1ea6e77b26c5ae7e1968162c5b16ad444200e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
67166
status
200
cf-request-id
029067c7a20000977ec5acc200000001
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
etag
W/"5ea80a27-1427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
58fa7585dd7b977e-FRA
cf-bgj
h2pri
zJLJATzdPrudRbQ
cp-api.nordvpnteams.com/v1/members/invitations/ 		266 B
694 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cp-api.nordvpnteams.com/v1/members/invitations/zJLJATzdPrudRbQ
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2637811b87eef83bad24be3aa0f8769290822b1e7f7e85d7116c6fe1497c9265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 May 2020 11:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
cf-request-id
029067ca210000977ec5b06200000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type
application/json
access-control-allow-origin
https://cp.nordvpnteams.com
access-control-expose-headers
Content-Disposition,X-Total-Count,RateLimit-Limit,RateLimit-Remaining,RateLimit-Reset
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
58fa7589c9e2977e-FRA
access-control-allow-headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Disposition,X-Order-Identifier,Cookie
expires
-1
truncated
/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37003cb20372958078633e3eec7b1b0be522f2a1462842d8f36abb71151ebddc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://cp.nordvpnteams.com

Response headers

Content-Type
font/woff2;charset=utf-8
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKL9JN4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3b4::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 07 May 2020 11:04:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=30753
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKL9JN4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
gzip
last-modified
Mon, 13 Apr 2020 22:01:50 GMT
x-msedge-ref
Ref A: 6E9290DCC9E04B6A935ACCE51E8B9117 Ref B: FRA31EDGE0117 Ref C: 2020-05-07T11:04:15Z
status
200
etag
"0db222df11d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7610
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKL9JN4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
476
date
Thu, 07 May 2020 10:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Thu, 07 May 2020 12:56:19 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
gzip
age
39666
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19174-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1588849455.087705,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
qIfpDG/gMdEvcwwVbAp9/siiQvKRvfzLY7MXEQl8EXg2Od4/hxkhCR5g0gg4v4sY0FBqFpuqJORefVjZFnkO4A==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Thu, 07 May 2020 11:04:15 GMT, Thu, 07 May 2020 11:04:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1735340.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1735340.js?sv=6
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress7
Software
/
Resource Hash
66abfafc6bbb9563b4c0a731e65c965b532054e3b4a3563e56de818679db8f08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
50
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
2408
cache-control
max-age=60
etag
W/c6c72c579a14c063e0b054c596e36573
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.021
accept-ranges
bytes
section-io-id
f5db154b3e2a57df8774a6cafa8cf4dd
section-origin-responded
true
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=185100572&t=pageview&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=672785705&gjid=359313773&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.72%2B02%3A00&cd2=f47414f7-b399-4442-ac1a-f559caf4f1dd&cd5=&cd3=1058028122.1588849455&z=1057801781
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3098119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&gjid=359313773&_gid=969382119.1588849455&_u=YGBAgEAB~&z=1247329006
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&_v=j81&z=1247329006
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&_v=j81&z=1247329006&slf_rd=1&random=3944660890
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&_v=j81&z=1247329006&slf_rd=1&random=3944660890
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 May 2020 11:04:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 May 2020 11:04:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=672785705&_v=j81&z=1247329006&slf_rd=1&random=3944660890
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
831674323960846
connect.facebook.net/signals/config/ 		475 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/831674323960846?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d545d0ebaccf47f7fb60610e6f7a89f93958c5c91672c7c3bcb2e2f283938802
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
122179
x-xss-protection
0
pragma
public
x-fb-debug
zYFNykHHBYZcLEpL0FuOGLT962pIwQy2Fz7R2XIrqt5KkJAVd4SZBPH9kywUMJTiks2H/yC7oWkOlwRC++4Adw==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Thu, 07 May 2020 11:04:15 GMT, Thu, 07 May 2020 11:04:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311548&url=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&time=1588849455109
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1311548%26url%3Dhttps%253A%252F%252Fcp.nordvpnteams.com%252Fmember-invite%252FzJL...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311548&url=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&time=1588849455109&liSync=true
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311548&url=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&time=1588849455109&liSync=true
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
IS2KaSm6DBaQcs8nuyoAAA==

Redirect headers

date
Thu, 07 May 2020 11:04:15 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
x-li-pop
prod-efr5
content-length
0
x-li-uuid
BpYSXSm6DBaAdd/ZPSsAAA==
pragma
no-cache
server
Play
cache-control
no-cache, no-store
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311548&url=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&time=1588849455109&liSync=true
x-xss-protection
1; mode=block
x-li-proto
http/2
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
expires
Thu, 01 Jan 1970 00:00:00 GMT
modules.4ee85a622c5c34f74bab.js
script.hotjar.com/ 		368 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4ee85a622c5c34f74bab.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1735340.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.39 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
8bcf44aa65306ffb30ce83c435ff865a1dc884fa68df52df11a2eb6935f5cb46

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:14 GMT
content-encoding
br
age
12073
status
200
section-io-cache
Hit
content-length
71364
last-modified
Thu, 07 May 2020 07:40:06 GMT
etag
"145e03bc651e8744d66afc9924823508"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.357
section-io-id
48e57d4a47ff009f6e408990c59aeb26
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
0
bat.bing.com/action/ 		0
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=23002657&Ver=2&mid=c7499462-53d6-bbef-19e3-cde6961a12e8&sid=a1dc4656-8553-fbbc-cb95-a6612e39fded&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=NordVPN%20Teams&p=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&r=&lt=763&evt=pageLoad&msclkid=N&sv=1&rn=367148
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 07 May 2020 11:04:14 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B42DF266DDD040C394ADB4BDBF5DA93B Ref B: FRA31EDGE0117 Ref C: 2020-05-07T11:04:15Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o34ef&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
119
pragma
no-cache
last-modified
Thu, 07 May 2020 11:04:15 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
78c788a28ba594af71150609ba25c53b
x-transaction
0010319900faa79b
expires
Tue, 31 Mar 1981 05:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 1611 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1735340.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress7
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ

Response headers

status
200
date
Thu, 07 May 2020 11:04:15 GMT
content-type
text/html
content-length
851
last-modified
Wed, 06 May 2020 20:37:16 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.043
section-origin-responded
true
age
14510
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
d8888d425233bf3eba5b08c80af9c424
visit-data
in.hotjar.com/api/v2/client/sites/1735340/ 		183 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1735340/visit-data?sv=6
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.3.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-3-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9301109f8f744815770fe083e28ff3082eb701ca2fe6492a8885a20293522780

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
x-cache-hit
0
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=831674323960846&ev=PageView&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&rl=&if=false&ts=1588849455250&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1588849455248.1722330495&it=1588849455107&coo=false&rqm=GET
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT, Thu, 07 May 2020 11:04:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 07 May 2020 11:04:15 GMT
loader.svg
s1.nordcdn.com/nordvpn/media/1.285.0/images/global/icons/16/ 		311 B
358 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nordvpn/media/1.285.0/images/global/icons/16/loader.svg
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:a81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa41aed60b7669ad6f66ff1ad016302dfe4a990b121c062550cfcb97295db9c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3078
status
200
cf-request-id
029067c898000005f9d08be200000001
last-modified
Wed, 22 Jan 2020 14:53:27 GMT
server
cloudflare
etag
W/"5e2861e7-137"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
58fa75875d5005f9-FRA
adsct
analytics.twitter.com/i/ 		31 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o34ef&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
119
pragma
no-cache
last-modified
Thu, 07 May 2020 11:04:15 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2ddb832f40b0fc42bdbf8147dc152d69
x-transaction
00b575b500f5a6aa
expires
Tue, 31 Mar 1981 05:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_gid=969382119.1588849455&gjid=1089817311&_v=j81&z=446230882
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_v=j81&z=446230882
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_v=j81&z=446230882&slf_rd=1&random=3929848241
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_v=j81&z=446230882&slf_rd=1&random=3929848241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 May 2020 11:04:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 May 2020 11:04:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42858496-30&cid=1058028122.1588849455&jid=36956507&_v=j81&z=446230882&slf_rd=1&random=3929848241
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll&el=25&_u=aGDAAEAB~&jid=&gjid=&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.750%2B02%3A00&cd2=309258d8-76b6-44cc-9054-435120b2fc64&cd5=&cd3=1058028122.1588849455&z=592945453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3098119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll&el=40&_u=aGDAAEAB~&jid=&gjid=&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.753%2B02%3A00&cd2=10eb70fc-2b00-487e-9e80-385a82615879&cd5=&cd3=1058028122.1588849455&z=495599858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3098119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll&el=55&_u=aGDAAEAB~&jid=&gjid=&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.757%2B02%3A00&cd2=87907ecf-e34e-4402-a951-4c76a28f9f9c&cd5=&cd3=1058028122.1588849455&z=2025520648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3098119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll&el=70&_u=aGDAAEAB~&jid=&gjid=&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.761%2B02%3A00&cd2=76511aed-8a6b-4283-9634-9bc757112543&cd5=&cd3=1058028122.1588849455&z=1147625786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3098119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=185100572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&ul=en-us&de=UTF-8&dt=NordVPN%20Teams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll&el=85&_u=aGDAAEAB~&jid=&gjid=&cid=1058028122.1588849455&tid=UA-42858496-30&_gid=969382119.1588849455&gtm=2wg4t0MKL9JN4&cd1=2020-05-07T13%3A04%3A15.764%2B02%3A00&cd2=6f5ecfa9-febe-43c0-8bb0-e52732502161&cd5=&cd3=1058028122.1588849455&z=892590641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3098119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
70.bundle.3dd4d5db85d84b8f3590.js
cp.nordvpnteams.com/assets/2.15.2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/70.bundle.3dd4d5db85d84b8f3590.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/runtime.bundle.ab49fe31edf092c09d07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6515f1c22686971ff89cd875c34775a81874a56a5f10f82be4129e05e857d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
14602
etag
W/"5ea80a27-1015"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa758d5dd3977e-FRA
cf-request-id
029067cc5a0000977ec5b69200000001
authentication-methods
cp-api.nordvpnteams.com/v1/ 		29 B
187 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cp-api.nordvpnteams.com/v1/authentication-methods?organization=cognizant
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7ed0c1e6c31a6303684841d87a47628437396fd58fc25ca74a9a8baa6ab346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 May 2020 11:04:17 GMT
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
29
cf-request-id
029067cd260000977ec5b7e200000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type
application/json
access-control-allow-origin
https://cp.nordvpnteams.com
access-control-expose-headers
Content-Disposition,X-Total-Count,RateLimit-Limit,RateLimit-Remaining,RateLimit-Reset
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
58fa758eafcf977e-FRA
access-control-allow-headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Disposition,X-Order-Identifier,Cookie
expires
-1
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=831674323960846&ev=Microdata&dl=https%3A%2F%2Fcp.nordvpnteams.com%2Fmember-invite%2FzJLJATzdPrudRbQ&rl=&if=false&ts=1588849456771&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%2...
  • https://cx.atdmt.com/?c=5793006985615643662&f=AYyJFwcv3U9cY5bN6ysiABpoQRGG9t84wIJItJDbp3v7fb1H65juHJrRnZfO8oXahAx3p-T3-kU2ufc9WnYCmMkV&id=831674323960846&l=3&v=0
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=5793006985615643662&f=AYyJFwcv3U9cY5bN6ysiABpoQRGG9t84wIJItJDbp3v7fb1H65juHJrRnZfO8oXahAx3p-T3-kU2ufc9WnYCmMkV&id=831674323960846&l=3&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 07 May 2020 11:04:16 GMT, Thu, 07 May 2020 11:04:16 GMT, Thu, 07 May 2020 11:04:16 GMT
content-type
image/gif
alt-svc
h3-27=":443"; ma=3600
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Thu, 07 May 2020 11:04:16 GMT, Thu, 07 May 2020 11:04:16 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=5793006985615643662&f=AYyJFwcv3U9cY5bN6ysiABpoQRGG9t84wIJItJDbp3v7fb1H65juHJrRnZfO8oXahAx3p-T3-kU2ufc9WnYCmMkV&id=831674323960846&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=3600
content-length
0
expires
0
69.bundle.16448a4dedda2dd3cbdc.js
cp.nordvpnteams.com/assets/2.15.2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/69.bundle.16448a4dedda2dd3cbdc.js
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/runtime.bundle.ab49fe31edf092c09d07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3da8cb7f7081f5e3e8b6907e12c81249dabdab6537d4188a83e8c2516038ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
14601
etag
W/"5ea80a27-97e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa75927dd8977e-FRA
cf-request-id
029067cf8b0000977ec5bc4200000001
Create-acc_after-invitation.9b47a000.png
cp.nordvpnteams.com/assets/2.15.2/static/media/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/static/media/Create-acc_after-invitation.9b47a000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f887b5bd87baf7d3c03ca7cf93eec574361590dd0ac6c7e1ddfab6b117b3bfff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
14601
status
200
content-length
35049
cf-request-id
029067cfd20000977ec5bcc200000001
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
etag
"5ea80a27-88e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
58fa7592ee87977e-FRA
eye.svg
s1.nordcdn.com/nordvpn/media/1.285.0/images/global/icons/16/ 		427 B
500 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nordvpn/media/1.285.0/images/global/icons/16/eye.svg
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:a81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebfdb5e99c70f5b5f199d6b1ee2078364efba267943900bd2733a1f4d906dad5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4584
status
200
cf-request-id
029067cfe2000005f9d099d200000001
last-modified
Wed, 22 Jan 2020 14:53:27 GMT
server
cloudflare
etag
W/"5e2861e7-1ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
58fa75930a6005f9-FRA
truncated
/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dc56987c77cc3936d6c8bd1e30d5cb73a914f1bd54dbf1e364ba7e289b54a26

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://cp.nordvpnteams.com

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16700299825af53dc7542965d18c168592f7fba26c499d27caad2ed18524977d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://cp.nordvpnteams.com

Response headers

Content-Type
font/woff2;charset=utf-8
Create-acc_after-invitation.402e3433.svg
cp.nordvpnteams.com/assets/2.15.2/static/media/ 		126 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/static/media/Create-acc_after-invitation.402e3433.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f0159f022d351b4df361fd69981cac62753caafa7eb5c5599e296ea31b24e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
14601
etag
W/"5ea80a27-1f72c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa75934ed8977e-FRA
cf-request-id
029067d0110000977ec5bd0200000001
Create-acc_after-invitation.402e3433.svg
cp.nordvpnteams.com/assets/2.15.2/static/media/ 		126 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cp.nordvpnteams.com/assets/2.15.2/static/media/Create-acc_after-invitation.402e3433.svg
Requested by
Host: cp.nordvpnteams.com
URL: https://cp.nordvpnteams.com/assets/2.15.2/vendors.bundle.b71fcd3e516348adc639.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f0159f022d351b4df361fd69981cac62753caafa7eb5c5599e296ea31b24e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cp.nordvpnteams.com/member-invite/zJLJATzdPrudRbQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 11:04:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:49:11 GMT
server
cloudflare
age
14601
etag
W/"5ea80a27-1f72c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58fa75939f2a977e-FRA
cf-request-id
029067d03a0000977ec5bd4200000001

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| env object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __$$GLOBAL_REWIRE_REGISTRY__ function| __rewire_reset_all__ number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ object| __SENTRY__ object| dataLayer object| google_tag_manager string| _linkedin_data_partner_id object| uetq string| GoogleAnalyticsObject function| ga function| twq function| fbq function| _fbq function| hj object| _hjSettings object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| UET

11 Cookies

Domain/Path Name / Value
.nordvpnteams.com/ Name: _fbp
Value: fb.1.1588849455248.1722330495
cp.nordvpnteams.com/ Name: _hjIncludedInSample
Value: 1
.nordvpnteams.com/ Name: _gid
Value: GA1.2.969382119.1588849455
.nordvpnteams.com/ Name: fontsCssCache
Value: true
.nordvpnteams.com/ Name: _uetsid
Value: _ueta1dc4656-8553-fbbc-cb95-a6612e39fded
.nordvpnteams.com/ Name: _dc_gtm_UA-42858496-30
Value: 1
.nordvpnteams.com/ Name: _ga
Value: GA1.2.1058028122.1588849455
.nordvpnteams.com/ Name: _hjid
Value: 53dc6fee-eaef-42df-b3ae-b61e8fc11195
.nordvpnteams.com/ Name: CurrentSession
Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26date%3D20200507
.nordvpnteams.com/ Name: FirstSession
Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26date%3D20200507
.nordvpnteams.com/ Name: __cfduid
Value: d4f2690c161ee032aa198f04e17bdfb411588849454

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bat.bing.com
connect.facebook.net
cp-api.nordvpnteams.com
cp.nordvpnteams.com
cx.atdmt.com
in.hotjar.com
px.ads.linkedin.com
s1.nordcdn.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.244.42.3
104.244.42.69
147.75.33.131
147.75.84.39
151.101.12.157
2606:4700:10::6816:e49
2606:4700::6811:a81e
2620:1ec:c11::200
2a00:1450:4001:809::2008
2a00:1450:4001:814::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81b::200e
2a00:1450:400c:c08::9a
2a02:26f0:eb:3b4::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.254.3.164
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3
0c2c1224472685e776f92c11d5a66119ca6050630a25b36e1951ef8a0bbfd61c
0f8349f6e59167692ca6aad6d8d1ea6e77b26c5ae7e1968162c5b16ad444200e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16700299825af53dc7542965d18c168592f7fba26c499d27caad2ed18524977d
1e7ed0c1e6c31a6303684841d87a47628437396fd58fc25ca74a9a8baa6ab346
2637811b87eef83bad24be3aa0f8769290822b1e7f7e85d7116c6fe1497c9265
26f0159f022d351b4df361fd69981cac62753caafa7eb5c5599e296ea31b24e6
272b44c707c3ed98ab29f6bccddafb1362f6af718b17aee261a2e0f4fa836adf
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
37003cb20372958078633e3eec7b1b0be522f2a1462842d8f36abb71151ebddc
3ae1e8f4af00fbed39439c9c4e30b5d0c24b41653b54d53b5ab4a3bf630b333e
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
65b3712e8e0bb31c82e1e867fb481def6597a8434fc9a84dd5f1e30c95bdf389
66abfafc6bbb9563b4c0a731e65c965b532054e3b4a3563e56de818679db8f08
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
872298f170cfcd8a12c6688030a16398683a46e7698a3826454a03bb8c776e5c
8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3
8bcf44aa65306ffb30ce83c435ff865a1dc884fa68df52df11a2eb6935f5cb46
8dc56987c77cc3936d6c8bd1e30d5cb73a914f1bd54dbf1e364ba7e289b54a26
9301109f8f744815770fe083e28ff3082eb701ca2fe6492a8885a20293522780
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c6515f1c22686971ff89cd875c34775a81874a56a5f10f82be4129e05e857d6f
ca58ea0959e2cc80252b5a30a8f88e19e03b6ef7dd1d487f4b5b5f02b8051fd9
d545d0ebaccf47f7fb60610e6f7a89f93958c5c91672c7c3bcb2e2f283938802
daa41aed60b7669ad6f66ff1ad016302dfe4a990b121c062550cfcb97295db9c
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e28b6b8215e5ce8f476b3ddf9afba4805fdc83f5d8b9e917fc3e60aef3545816
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da8cb7f7081f5e3e8b6907e12c81249dabdab6537d4188a83e8c2516038ac4
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebfdb5e99c70f5b5f199d6b1ee2078364efba267943900bd2733a1f4d906dad5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f66391f73a8a4d9dc45dce977daae8e630c80db02c0beecd4090efcb5ace4179
f887b5bd87baf7d3c03ca7cf93eec574361590dd0ac6c7e1ddfab6b117b3bfff