nordvpn.com Open in urlscan Pro
104.19.159.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nordrvpn.com/
Effective URL:
https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017
Submission: On November 26 via automatic, source certstream-suspicious (November 26th 2024, 10:55:02 pm UTC) — Scanned from DE

Summary HTTP 72 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 72 HTTP transactions. The main IP is 104.19.159.190, located in and belongs to CLOUDFLARENET, US. The main domain is nordvpn.com. The Cisco Umbrella rank of the primary domain is 15830.
TLS certificate: Issued by GlobalSign GCC R6 AlphaSSL CA 2023 on September 25th 2024. Valid for: a year.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	136.243.255.71 136.243.255.71	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	148.251.194.160 148.251.194.160	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 2	2606:4700:303... 2606:4700:3037::6815:3deb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.16.200.194 52.16.200.194	16509 (AMAZON-02) (AMAZON-02)
2 48	104.19.159.190 104.19.159.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:9c6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6810:9b6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:264... 2600:9000:2644:ce00:6:e337:e340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
72	9

2 136.243.255.71 (Eitensheim, Germany) 2 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.71.255.243.136.clients.your-server.de

www.nordrvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.194.160 (Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.160.194.251.148.clients.your-server.de

148.251.194.160	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:3deb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.adfactors.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.200.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-200-194.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 104.19.159.190 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web-api.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:9c6f (United States)

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9b6f (United States)

ASN13335 (CLOUDFLARENET, US)

ic.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2644:ce00:6:e337:e340:93a1 (United States)

ASN16509 (AMAZON-02, US)

sb.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	nordvpn.com 2 redirects visit.nordvpn.com — Cisco Umbrella Rank: 841927 nordvpn.com — Cisco Umbrella Rank: 15830 d.nordvpn.com — Cisco Umbrella Rank: 315069 cm.nordvpn.com — Cisco Umbrella Rank: 342824 web-api.nordvpn.com — Cisco Umbrella Rank: 544137	103 KB
16	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 138268 ic.nordcdn.com — Cisco Umbrella Rank: 417369 sb.nordcdn.com — Cisco Umbrella Rank: 213182	243 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	509 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 ade.googlesyndication.com — Cisco Umbrella Rank: 341	881 B
2	adfactors.pro 1 redirects www.adfactors.pro	1 KB
2	nordrvpn.com 2 redirects www.nordrvpn.com	868 B
1	nordvpn.net go.nordvpn.net — Cisco Umbrella Rank: 457400 Failed	2 KB
72	7

	Domain	Requested by
28	nordvpn.com	1 redirects www.adfactors.pro nordvpn.com
12	d.nordvpn.com	s1.nordcdn.com
9	ic.nordcdn.com	nordvpn.com
6	www.googletagmanager.com	nordvpn.com www.googletagmanager.com
5	cm.nordvpn.com	www.googletagmanager.com
4	s1.nordcdn.com	nordvpn.com
3	sb.nordcdn.com	nordvpn.com
2	ade.googlesyndication.com	1 redirects
2	web-api.nordvpn.com	nordvpn.com
2	www.adfactors.pro	1 redirects
2	www.nordrvpn.com	2 redirects
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	www.adfactors.pro
72	14

This site contains links to these domains. Also see Links.

Domain
www.av-test.org
twitter.com
www.youtube.com
www.independent.co.uk
support.nordvpn.com
my.nordaccount.com

Subject Issuer	Validity	Valid
adfactors.pro WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
*.nordvpn.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-09-25` - `2025-10-27`	a year	crt.sh
*.nordcdn.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-03-13` - `2025-04-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
nordsecurity.bynder.com Amazon RSA 2048 M02	`2024-02-06` - `2025-03-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017
Frame ID: 5EFF008A0D91F6D4CBB7A083CA7E6496
Requests: 69 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fnordvpn.com
Frame ID: EE1D80A87E19A14ABB10EDF6B380202F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NordVPNs Black-Friday-Deal | NordVPN

Page URL History Show full URLs

https://www.nordrvpn.com/ HTTP 302
https://www.nordrvpn.com/?h=e2784092b2172bd02f1 HTTP 302
http://148.251.194.160/t9602031f HTTP 307
https://148.251.194.160/t9602031f HTTP 302
http://www.adfactors.pro/events-r-nordvpn.html HTTP 307
https://www.adfactors.pro/events-r-nordvpn.html HTTP 302
https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money Page URL
http://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902 HTTP 307
https://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902 HTTP 302
https://visit.nordvpn.com/?offer_id=15&aff_id=68017&aff_transaction_id=1023071103b8f8f3ae4e1b8434959e&... HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_s... HTTP 302
https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&ut... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

72
Requests

97 %
HTTPS

55 %
IPv6

7
Domains

14
Subdomains

9
IPs

4
Countries

958 kB
Transfer

2367 kB
Size

24
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.av-test.org/fileadmin/pdf/reports/AV-TEST_NordVPN_Comparative_Test_Report_September_2020.pdf
Title: den vollständigen Bericht

Search URL Search Domain Scan URL

URL: https://twitter.com/Alch3m1s7/status/1639579744550133760/?s=20
Title: A|ch3m1st @Alch3m1s7 @NordVPN the new meshnet is mind-blowingly amazing piece of tech 🚀, with unlimited bottomless use cases. God bless ya all! 🙌 12:47 PM · Mar 25, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/MrNathanCorliss/status/1636840377494933504/
Title: Nathan Corliss @MrNathanCorliss This is completely unsolicited praise, @NordVPN, is very helpful as an advertiser testing search ads, and as a work-anywhere person who needs to ensure I have a safe internet connection. Great value. So easy to use, I actually use it. Keep up the good work. 11:22 PM · Mar 17, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/PedroTheKiwi/status/1633502224721793024/
Title: Pedro @PedroTheKiwi I’ve been using NordVPN and their other products for the last 4 years. Absolutely outstanding product and service 10:25 AM · Mar 8, 2023

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=tKSgSHbiwTY
Title: Auf YouTube ansehen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=5U_6Pu_M0eY&t=55s&ab_channel=Varion
Title: Auf YouTube ansehen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch/?v=TCAkKHzraTA&t=132s
Title: Auf YouTube ansehen

Search URL Search Domain Scan URL

URL: https://www.independent.co.uk/advisor/vpn/nordvpn-review/
Title: Independent Advisor

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/hc/de
Title: Hilfe-Center

Search URL Search Domain Scan URL

URL: https://my.nordaccount.com/de/legal/terms-of-service/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://my.nordaccount.com/legal/cookie-policy/
Title: Cookie-Richtlinien

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.nordrvpn.com/ HTTP 302
https://www.nordrvpn.com/?h=e2784092b2172bd02f1 HTTP 302
http://148.251.194.160/t9602031f HTTP 307
https://148.251.194.160/t9602031f HTTP 302
http://www.adfactors.pro/events-r-nordvpn.html HTTP 307
https://www.adfactors.pro/events-r-nordvpn.html HTTP 302
https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money Page URL
http://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902 HTTP 307
https://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902 HTTP 302
https://visit.nordvpn.com/?offer_id=15&aff_id=68017&aff_transaction_id=1023071103b8f8f3ae4e1b8434959e&source=&params[ho_asub1]=&url_id=533 HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017 HTTP 302
https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.nordrvpn.com/ HTTP 302
https://www.nordrvpn.com/?h=e2784092b2172bd02f1 HTTP 302
http://148.251.194.160/t9602031f HTTP 307
https://148.251.194.160/t9602031f HTTP 302
http://www.adfactors.pro/events-r-nordvpn.html HTTP 307
https://www.adfactors.pro/events-r-nordvpn.html HTTP 302
https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Request Chain 1

http://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902 HTTP 307
https://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902

Request Chain 68

https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017 HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPqp5ueL-4kDFU3SOwIdiLwoCA;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017

72 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

it-doesnt-always-pay-to-follow-the-money
www.adfactors.pro/blog/
Redirect Chain

https://www.nordrvpn.com/
https://www.nordrvpn.com/?h=e2784092b2172bd02f1
http://148.251.194.160/t9602031f
https://148.251.194.160/t9602031f
http://www.adfactors.pro/events-r-nordvpn.html
https://www.adfactors.pro/events-r-nordvpn.html
https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

417 B
818 B

43ms
42ms

Document
text/html

2606:4700:3037::6815:3deb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3deb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.5
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d76877c3a1ad7-FRA
content-encoding: zstd
content-type: text/html
date: Tue, 26 Nov 2024 22:54:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cxnlSj77bX4L%2BTCdwsUjv7cyETW38RNp3Ls3UYxpNDMrJtVjaUaC5Q%2Fg4hcOtkNuCFTObrNILPDs6scbsREIgXa2YhClj7r7qw0Lga2AIE7rWAoIn6eaJDKxj2mjGlPLQ2%2FWAlqvHT6H2cpHoz8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24407&min_rtt=22705&rtt_var=5860&sent=15&recv=11&lost=0&retrans=0&sent_bytes=4976&recv_bytes=4869&delivery_rate=43544&cwnd=12000&unsent_bytes=0&cid=975b7703cf0e1edb&ts=119&x=1" cfHdrFlush;dur=0
vary: accept-encoding
x-powered-by: PHP/5.5.9-1ubuntu4.5

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d76872c181ad7-FRA
content-type: text/html
date: Tue, 26 Nov 2024 22:54:54 GMT
location: /blog/it-doesnt-always-pay-to-follow-the-money
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rf5%2FfbgW3KRGOyexnPMJ2N9zjwh9XUTL7kRFINkus%2Fxuuc0UM73cZc10ejDLjq3Zw7sccsvaxKI3GaYID35Ve7oip%2B9I1ZuRzmpwpMvA2Yh5c8wECCbED4yGHAF3U5sU1%2Bg4Fr%2FKPwrHS%2Fws0%2FucWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22780&min_rtt=22705&rtt_var=8568&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4205&recv_bytes=4356&delivery_rate=126513&cwnd=12000&unsent_bytes=0&cid=975b7703cf0e1edb&ts=76&x=1" cfHdrFlush;dur=0
x-powered-by: PHP/5.5.9-1ubuntu4.5

GET

aff_c
go.nordvpn.net/
Redirect Chain

http://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902
https://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902

0
0

GET
H3

200

Primary Request / Show response
nordvpn.com/de/special/
Redirect Chain

http://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902
https://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902
https://visit.nordvpn.com/?offer_id=15&aff_id=68017&aff_transaction_id=1023071103b8f8f3ae4e1b8434959e&source=&params[ho_asub1]=&url_id=533
https://nordvpn.com/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017
https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

159 KB
32 KB

509ms
508ms

Document
text/html

104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eb0c97b23bfa7da6372f990dd9819e659ae96e23d9ed3c73cd5f0ff8702c80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 8e8d768c0d93d269-FRA
content-encoding: br
content-type: text/html
date: Tue, 26 Nov 2024 22:54:55 GMT
last-modified: Tue, 19 Nov 2024 08:27:21 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8e8d768b7cb4d269-FRA
content-length: 0
date: Tue, 26 Nov 2024 22:54:55 GMT
expires: 0
location: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 index.js Show response
s1.nordcdn.com/d/nordvpn/prod/ 17 KB
7 KB 180ms
36ms Script
application/javascript 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d73b9480d8d2debceaf26b4a3bff2b66f05b2f42075b84dda559de751d3fc16d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 32940
cf-ray: 8e8d76905940d2eb-FRA
access-control-allow-origin: *
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 10:30:30 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 init.js Show response
s1.nordcdn.com/d/consent/prod/ 4 KB
2 KB 180ms
35ms Script
application/javascript 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/init.js?isGdpr=true

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac3b60c321f2493e73a2573f9fd876b71a9ecc7569732086e55ab501771762c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 46681
cf-ray: 8e8d7690493ed2eb-FRA
access-control-allow-origin: *
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2024 07:47:26 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 main.js Show response
s1.nordcdn.com/d/consent/prod/ 128 KB
32 KB 33ms
33ms Script
application/javascript 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/main.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81422deb219a4101ce11762613ab0effb148923e37fdef95ef355f7c296e8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 46679
cf-ray: 8e8d769099afd2eb-FRA
access-control-allow-origin: *
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2024 07:47:26 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 main.css
s1.nordcdn.com/d/consent/prod/ 8 KB
2 KB 179ms
35ms Stylesheet
text/css 2606:4700::6810:9c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/consent/prod/main.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f615e21972aa9a35750b2fe6c754682924ed4d489b9a559740a651921a206ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 46679
cf-ray: 8e8d7690493dd2eb-FRA
access-control-allow-origin: *
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: text/css
last-modified: Fri, 18 Oct 2024 07:47:26 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 200 index.BRdyxMvs.css
nordvpn.com/static/ 115 KB
20 KB 54ms
53ms Stylesheet
text/css 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/index.BRdyxMvs.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e68069e40cf54f07267b040a95db50a85af6c16174650904c7a500a4864af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-1caf8"
age: 32503
expires: Sat, 31 May 2025 22:54:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:55 GMT
content-type: text/css
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d768f7af5d269-FRA
server: cloudflare

GET
H3 200 index.BQuOpFc3.css
nordvpn.com/static/ 6 KB
2 KB 53ms
51ms Stylesheet
text/css 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/index.BQuOpFc3.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340e4c036426f81fc0c02d82d346c8fe6273fc29e7f824e22a409132d77e1987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-197c"
age: 32503
expires: Sat, 31 May 2025 22:54:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:55 GMT
content-type: text/css
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d768f7af6d269-FRA
server: cloudflare

GET
H3 200 hoisted.BFPwmArR.js Show response
nordvpn.com/static/ 7 KB
3 KB 79ms
77ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/hoisted.BFPwmArR.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9afc260a919d8d1bb216a9b7df2703ae514a31ffb6e6da50b1b0c0779a0230a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-1d0b"
age: 32503
expires: Sat, 31 May 2025 22:54:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:55 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d768f7afcd269-FRA
server: cloudflare

GET
H2 200 tech-of-tomorrow.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/718ca5b47ccc123a/original/ 5 KB
6 KB 171ms
41ms Image
image/avif 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/718ca5b47ccc123a/original/tech-of-tomorrow.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=bswZZah%2F3Jo2v9OaS3tjuTa84K1sVekq1BUOMr6Rz6A%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e4b4b4e76670caf3e6a1ee668452a49c89c078283b628ff39c4d387ddee125

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cfxsrN7gLul5cekYJVgJgIKuo1CvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:70,h2pri
cf-resized: internal=ram/- q=0 n=0+0 c=0+0 v=2024.10.6 l=5297
x-content-type-options: nosniff
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/avif
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
cf-ray: 8e8d76903bebdba1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5297
server: cloudflare

GET
H2 200 threat-protection-secure-access-bubble-female-md.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/d642e7338b6a459/original/ 14 KB
6 KB 180ms
49ms Image
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/d642e7338b6a459/original/threat-protection-secure-access-bubble-female-md.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133d9660262505884ba3e7beb7b22543fdb3887633f59225c15ecb262f665e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 31891
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 22:54:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: vs_kBArN9k4PEeXFM5I_huXBOGH113TxZ8PUylWmgQJYWFdxGoPQng==
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: ff6b4c72-0e32-8826-c29a-48f53dacb939
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 debf5a1694fcb96cc13d895660321eda.cloudfront.net (CloudFront)
cf-ray: 8e8d76903be9dba1-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 390 KB
127 KB 142ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3873580431747aacdacc43d1b0862a510b57654bbed1324659e6e54b2c2dd2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 22:54:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129695
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 Countdown.BTDmMIgM.js Show response
nordvpn.com/static/ 2 KB
1 KB 50ms
49ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Countdown.BTDmMIgM.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ad364ac02304e79f4a7ade0817f6468b9088c55e2ab4260a5675c44387d1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-921"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7690bd22d269-FRA
server: cloudflare

GET
H3 200 client.BWq99JoD.js Show response
nordvpn.com/static/ 1 KB
1000 B 48ms
47ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/client.BWq99JoD.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcfee41c54f433763c25b476128fe2596defd170ec0dd4e125d7cd4ccd547541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-4c7"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7690bd25d269-FRA
server: cloudflare

GET
H3 200 StatusBox.BBMg4o7_.js Show response
nordvpn.com/static/ 7 KB
3 KB 92ms
92ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/StatusBox.BBMg4o7_.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7888ef1643c5844e46c6860b4f15e17b0c1c370d8442d6b4e22f506f1a4c512b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-1a44"
age: 32495
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7690bd26d269-FRA
server: cloudflare

GET
H3 200 TabsProvider.C1BmY2Cj.js Show response
nordvpn.com/static/ 2 KB
1 KB 91ms
91ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/TabsProvider.C1BmY2Cj.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a401bfd5f68e114c14d189aa89a07c965b1f1a95d9fbf1be26bb1c0c61f3c671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-80e"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7690bd2ad269-FRA
server: cloudflare

GET
H2 200 sale-discount-center-2xl-cd.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/784fa78a3b9216cf/original/ 63 KB
63 KB 53ms
45ms Image
image/webp 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/784fa78a3b9216cf/original/sale-discount-center-2xl-cd.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=rNqJ1mRPhXlFDcTCI6i9WCC7lV4tnDJl8F87Ci3LOeU%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c0b48a5a0f3fbf188fb1f003a10a87e9c2582ce384bb049c95ec02a1bf0cb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cfdfQd6wcOxspNissWvmEbVRKbCvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:71,h2pri
cf-resized: internal=ram/- q=0 n=0+0 c=0+0 v=2024.10.6 l=64424
warning: cf-images 299 "image too large for AVIF"
x-content-type-options: nosniff
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/webp
last-modified: Tue, 26 Nov 2024 14:03:37 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd07dba1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64424
server: cloudflare

GET
H2 200 black-friday-center-placeholder.png
ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/4811bd72976490f6/original/ 694 B
887 B 74ms
67ms Image
image/avif 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_auto,q_70/https://sb.nordcdn.com/m/4811bd72976490f6/original/black-friday-center-placeholder.png?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=eTngl%2F54QTX5P3CI7bXo7PS9T%2BgHyjTrMIe91oWekNs%3D

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e62604c350cd9d4a810c70c4ec22e51fbd3fb3d0cca33290f111d99ab7204d63

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cf-cache-status: HIT
etag: "cf-Byt5HJvEXzicRnGnXxWRBiHCvHN2RGDlYXWZjJbDQ"
cf-bgj: imgq:70,h2pri
cf-resized: internal=ram/- q=0 n=0+0 c=0+0 v=2024.10.6 l=694
x-content-type-options: nosniff
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/avif
last-modified: Tue, 26 Nov 2024 14:03:37 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=172800
via: 1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd09dba1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 694
server: cloudflare

GET
H2 200 nordvpn-default.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/1431cb1f1a5ca2c9/original/ 2 KB
1 KB 75ms
67ms Image
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/1431cb1f1a5ca2c9/original/nordvpn-default.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f28438681332b67561059131289f90d029016eec52cb8fc0f2a5b37ab7d08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 31891
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 22:54:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: CAZCdGPk6pXHUbTAvwd3DohaPNuJFYwraPsnmKNpjyhm4z2v4m9Zdg==
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: e50be1a8-4371-2828-6872-04a77dd413b5
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd0adba1-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: cloudflare

GET
H2 200 table-expressvpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/6a6a63c28e036c45/original/ 5 KB
3 KB 75ms
68ms Image
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/6a6a63c28e036c45/original/table-expressvpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71867ba089cf906c39bb6a75c67ee28a3f833ec3d4bb70d8e7208a47269286e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 31891
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 22:54:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: w0iuo9UCrg28Vlbi8Cj_mqfZhQvjtLlT_nbaKPolELMEb66KxpZf5w==
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: 43882584-5ac5-0383-9f66-3e29b7686295
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd0ddba1-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: cloudflare

GET
H2 200 table-privatevpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/5581e5a9bfc2b47a/original/ 12 KB
5 KB 74ms
66ms Image
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/5581e5a9bfc2b47a/original/table-privatevpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ab263da7c8192b85ca90d0985f8845920ab04668a88fdcdc31d5a42176c3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 31891
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 22:54:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: DijHBRr6AaB2Q3UASybDVNaF24678Q9R1SXeI_8k5D8UIHczSQyiGg==
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: d0f10de6-4ba1-aa35-06c1-fa26a7580743
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd0edba1-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: cloudflare

GET
H2 200 table-protonvpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/181e90885a5e30d7/original/ 6 KB
3 KB 75ms
68ms Image
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/181e90885a5e30d7/original/table-protonvpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d392f9691ae4316fa5b8f7fbe9fa46f46d5854472cfc87ec4c265d348f47b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 31891
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 22:54:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: LxgKEw8ygTu-tOxoV6amIeXku5IDF9iq_tpigqt-8aMzUbkqgaiUMQ==
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: 24659748-541e-8227-9351-f9145bebd12d
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd0fdba1-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P8
server: cloudflare

GET
H2 200 table-purevpn-logo.svg
ic.nordcdn.com/v1/https://sb.nordcdn.com/m/30228f737077932d/original/ 9 KB
4 KB 74ms
67ms Image
image/svg+xml 2606:4700::6810:9b6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/https://sb.nordcdn.com/m/30228f737077932d/original/table-purevpn-logo.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8e24310b0e306003276b69c77726f8c30d61ab75bc1cac841e36e999c43bb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 31891
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 22:54:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: FtBhjinTm4tuEyuEvQ2LOMXqKmlVlW29a69-6giHy7m1J16k-wXEyA==
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: image/svg+xml
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 14:03:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-api-correlation-id: acaef6f5-a6b2-16c4-1071-dfa20626976a
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
cf-ray: 8e8d7690fd10dba1-FRA
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: cloudflare

GET
H3 200 hoisted.Dr1sxZPI.js Show response
nordvpn.com/static/ 16 KB
6 KB 70ms
66ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/hoisted.Dr1sxZPI.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

157c4dcc9c09d777c316636c8e13846f282d416d1b81c14caac4830202fdffd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-4153"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76911db6d269-FRA
server: cloudflare

GET
H3 200 sendEvent.CI4xipXL.js Show response
nordvpn.com/static/ 2 KB
1 KB 61ms
58ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/sendEvent.CI4xipXL.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6435ad8995a613898a0389620396c87652b8e3e4954658134ef3abb71e4a4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-799"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76911db9d269-FRA
server: cloudflare

GET
H3 200 _sentry-release-injection-file.D8m4OJcX.js Show response
nordvpn.com/static/ 492 B
562 B 74ms
70ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/_sentry-release-injection-file.D8m4OJcX.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d5d7e302140596c640b90d7aa99eca4d55f838f9db6bd243b651451afc3f97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-1ec"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76911dbfd269-FRA
server: cloudflare

GET
H3 200 sendTracyEvent.CaMjwOTS.js Show response
nordvpn.com/static/ 3 KB
2 KB 68ms
64ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/sendTracyEvent.CaMjwOTS.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42eccc78615360d82869e1818f131afb7fc79b0e55a935d31153ef8963eae249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-a24"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76912dcbd269-FRA
server: cloudflare

GET
H3 200 throttle.DIFjaQBm.js Show response
nordvpn.com/static/ 523 B
625 B 60ms
57ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/throttle.DIFjaQBm.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1682d58334ca25a50881401471ffa7902026f9b17d19bff01b0b5b0fd99113e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-20b"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76912dd1d269-FRA
server: cloudflare

GET
H3 200 constants.B7CPxB35.js Show response
nordvpn.com/static/ 535 B
633 B 85ms
66ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/constants.B7CPxB35.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec10afae1ac9fdaecdf59e56b77e2c8fcc06832cc80610694ab0a7a17d1166f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-217"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76914df9d269-FRA
server: cloudflare

GET
H3 200 countdown.BIaJ47Kz.js Show response
nordvpn.com/static/ 602 B
668 B 77ms
52ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/countdown.BIaJ47Kz.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6aa86eba73af9f8e98be05ae70f377ec444d2275c797543416a93c0650dbeea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-25a"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76914e0ad269-FRA
server: cloudflare

GET
H3 200 getCookieValue.BG6JOr0J.js Show response
nordvpn.com/static/ 569 B
664 B 83ms
58ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getCookieValue.BG6JOr0J.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0325a13ab6a280224d773212ff7d7e49cc8c7bb3a2adc54482dc27618516f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-239"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76914e0bd269-FRA
server: cloudflare

GET
H3 200 getExperiments.BUjpJT0a.js Show response
nordvpn.com/static/ 559 B
643 B 82ms
57ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getExperiments.BUjpJT0a.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb3e0c7f2d097b40042fd230dc679889cf52ef6b489ef63265bc200fa77c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/hoisted.BFPwmArR.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-22f"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76914e0cd269-FRA
server: cloudflare

GET
H3 200 web.XijDTL91.js Show response
nordvpn.com/static/ 22 KB
9 KB 53ms
52ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/web.XijDTL91.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b017bb584a673095864665dab48414845b493d2e6b8c5408146c24f5c4c2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/client.BWq99JoD.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-565c"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76918e6dd269-FRA
server: cloudflare

GET
H3 200 constants.CpzrrH2h.js Show response
nordvpn.com/static/ 824 B
694 B 55ms
54ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/constants.CpzrrH2h.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3e97fc8b90051eab8a7670eb9a98cdfbc8fb0fa4e5d48d617c2247af2276c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/TabsProvider.C1BmY2Cj.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-338"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7691aea4d269-FRA
server: cloudflare

GET
H3 200 getUserConnectionData.T9flXNtN.js Show response
nordvpn.com/static/ 583 B
651 B 45ms
44ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/getUserConnectionData.T9flXNtN.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb3f6afa144e39e11e94a9fa5453ce957e0973c12d217f961bdc503cddc8962c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBox.BBMg4o7_.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-247"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7691aea6d269-FRA
server: cloudflare

GET
H3 200 BPP2V2OU.C1JAiN_F.js Show response
nordvpn.com/static/ 7 KB
3 KB 54ms
53ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/BPP2V2OU.C1JAiN_F.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f740867eaa2dc873ffd28633c2c39d7173e00ffdd2a2b2125274794785aa2273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBox.BBMg4o7_.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-1b54"
age: 32504
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7691aea7d269-FRA
server: cloudflare

GET
H2 200 en-woff2 Show response
sb.nordcdn.com/m/1f322001e9afbdc5/original/ 139 KB
106 KB 170ms
25ms XHR
text/css 2600:9000:2644:ce00:6:e337:e340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sb.nordcdn.com/m/1f322001e9afbdc5/original/en-woff2

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/hoisted.Dr1sxZPI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:ce00:6:e337:e340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: gzip
age: 163583
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0dlRd1VAWVTgMI7DHbpcZlDZQOvgu8puHv2u82TZDb46l1PzB9874Q==
date: Mon, 25 Nov 2024 01:28:33 GMT
content-type: text/css
content-disposition: attachment;filename="en-woff2.css"
strict-transport-security: max-age=63072000; includeSubdomains
x-api-correlation-id: 091f42c7-acba-b84b-167c-10fb0b6f0861
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 debf5a1694fcb96cc13d895660321eda.cloudfront.net (CloudFront)
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: nginx

POST
H3 202 cc
d.nordvpn.com/1/ 0
369 B 185ms
154ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 6aeea2962ec3b92587961655fb9846a9
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76937a18a040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 225ms
127ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d7692885bd370-FRA
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
priority: u=4,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 314ms
314ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d76928869d370-FRA
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
priority: u=4,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 126ms
125ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d76929887d370-FRA
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
priority: u=4,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 126ms
125ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d769298a6d370-FRA
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
priority: u=4,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 128ms
128ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordvpn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordvpn.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e8d7692a8d2d370-FRA
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
priority: u=4,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 355 KB
119 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45487a96a35b5fcc477c8fa8e0542ab58116d1c53157cac1886773bd15c20b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 22:54:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 121761
x-xss-protection: 0
server: Google Tag Manager

POST
H3 202 cc
d.nordvpn.com/1/ 0
369 B 159ms
158ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 6b159728c7a587c462c61c494a44ce00
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76948ab1a040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 202 cc
d.nordvpn.com/1/ 0
405 B 168ms
148ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 2e85b376a8c642c449d67ef8298d4adc
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76937a1aa040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 202 cc
d.nordvpn.com/1/ 0
369 B 170ms
156ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 88fd75648615a6b945e26a23e5123903
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76937a19a040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 202 cc
d.nordvpn.com/1/ 0
369 B 156ms
148ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: abc95b6a0e99fa55762c537afd871b12
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76937a1da040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 201ms
190ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4bk0v874252800za200&_p=1732661696351&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=287145358.1732661696&ul=de-de&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1732661696&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017&dt=NordVPNs%20Black-Friday-Deal%20%7C%20NordVPN&en=scroll&_fv=1&_nsi=1&_ss=2&_ee=1&ep.consent_ver=v2gdpr&ep.cf_country=DE&ep.experiment=prxBJ.1&ep.product=nordvpn&ep.version=nordvpn-main%400.156.0&ep.page_lang=DE&ep.section_id=00&ep.section_name=Header&tfd=1642

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-ray: 8e8d76931949d269-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=1,i

GET
H3 200 info Show response
web-api.nordvpn.com/v1/ips/ 246 B
875 B 148ms
135ms Fetch
application/json 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-api.nordvpn.com/v1/ips/info

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/getUserConnectionData.T9flXNtN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55044f769a92c89267506ed1d1d32468a65844658e15e9748f77f70e94651e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

access-control-max-age: 1728000
access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e8d76935b65d370-FRA
access-control-allow-origin: https://nordvpn.com
content-length: 182
server: cloudflare

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 33 KB
33 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer

Response headers

Content-Type: font/woff2

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 309ms
59ms Ping
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=768315988.1732661697&npa=1&gtm=45He4bk0v6894354za200&gcs=G101&gcd=13p3t3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732661696627&tfd=1801&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-950534254&l=dataLayer&cx=c&gtm=45He4bk0v6894354za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdf29f5c13a9b600b3fba50595d629651486e80b0178d7ccbb6a74181068ecbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 26 Nov 2024 22:54:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90896
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 255 KB
91 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-386034582&l=dataLayer&cx=c&gtm=45He4bk0v6894354za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eb93cb739188221ee216568e15240212eed67056b39197e03f59e221e54b1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 26 Nov 2024 22:54:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93045
x-xss-protection: 0
server: Google Tag Manager

POST
H3 202 cc
d.nordvpn.com/1/ 0
369 B 161ms
160ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: c32cdcb1bd3e3ea1931edc6066b0d5a9
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76941a6ba040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 collect
cm.nordvpn.com/ 0
167 B 159ms
159ms Image
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?ev=pv&pu=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017&pp=%2Fde%2Fspecial%2F&pr=&pt=NordVPNs%20Black-Friday-Deal%20%7C%20NordVPN&dc=desktop&gtmcb=1595566894

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-ray: 8e8d76941adbd269-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=3,i

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame EE1D 0
0 100ms
19ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fnordvpn.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 8523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:32:53 GMT
expires: Wed, 26 Nov 2025 20:32:53 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 314ms
313ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4bk0v874252800za200&_p=1732661696351&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=287145358.1732661696&ul=de-de&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1732661696&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017&dt=NordVPNs%20Black-Friday-Deal%20%7C%20NordVPN&_s=2&tfd=1861

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-ray: 8e8d76945b39d269-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 26 Nov 2024 22:54:56 GMT
server: cloudflare
priority: u=1,i

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12123059&l=dataLayer&cx=c&gtm=45He4bk0v6894354za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

918b496f2d7df4da683d93d003184d1ac777a4c326e76fc2c3a179faf371661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 26 Nov 2024 22:54:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84376
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 StatusBar.DrZ4t8J5.js Show response
nordvpn.com/static/ 3 KB
2 KB 58ms
57ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/StatusBar.DrZ4t8J5.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13118ce86a9c763135c8316a93b6d9cb030b138b5d64c9d72523d6fe00600f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/de/special/?utm_medium=affiliate&utm_term=&utm_content&utm_campaign=off15&utm_source=aff68017

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-dcf"
age: 32503
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d76948b85d269-FRA
server: cloudflare

GET
H2 200 favicon-32x32.png
sb.nordcdn.com/m/263daefeb45d3880/original/ 601 B
1 KB 82ms
29ms Other
image/png 2600:9000:2644:ce00:6:e337:e340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sb.nordcdn.com/m/263daefeb45d3880/original/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:ce00:6:e337:e340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed81053eb4b9f090fa93d5c381f581d684e4a539e9a7ee5680930883939bc1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

age: 44722
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 4kx0AzW6J-gKaRyTC9lG4PGMla2bCajHJD7EYo3HNYWUMKhX9AWIBw==
date: Tue, 26 Nov 2024 10:29:34 GMT
content-type: image/png
content-disposition: inline;filename="favicon-32x32.png"
strict-transport-security: max-age=63072000; includeSubdomains
x-api-correlation-id: e59d63b1-c674-c4d9-71c4-75cefabb4aef
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 601
x-amz-cf-pop: FRA60-P6
server: nginx

GET
H3 200 Link.D1wkCkr9.js Show response
nordvpn.com/static/ 3 KB
2 KB 72ms
59ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Link.D1wkCkr9.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b655168e9989f485eb4530d31bd068df3b6670d5e8a4cd29997ca8d4288280f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.DrZ4t8J5.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-d50"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7695ed78d269-FRA
server: cloudflare

GET
H3 200 Text.CHUutTwA.js Show response
nordvpn.com/static/ 1 KB
923 B 74ms
58ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Text.CHUutTwA.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8c5444b8c06eb6279ff03817cc1393cba1c0f71c9d4adad1f99dff829e7259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.DrZ4t8J5.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-5cd"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7695ed86d269-FRA
server: cloudflare

GET
H3 200 Tooltip.DvKs2xnM.js Show response
nordvpn.com/static/ 2 KB
1 KB 75ms
59ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/Tooltip.DvKs2xnM.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca65cb60995cf3a000e62d4b22a7d29de6906a3f06104b16e14d6fb9c637b599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.DrZ4t8J5.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-93d"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7695ed89d269-FRA
server: cloudflare

GET
H3 200 buildGAExtraAttributes.D6FjaHoM.js Show response
nordvpn.com/static/ 1 KB
1 KB 70ms
54ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/buildGAExtraAttributes.D6FjaHoM.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f147b5cf0f2cef04d78bea4e9f1def0825c5084e889343c5f31663869ceae0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.DrZ4t8J5.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-5fd"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7695ed8ad269-FRA
server: cloudflare

GET
H3 200 utils.SMv79TSG.js Show response
nordvpn.com/static/ 1 KB
877 B 70ms
54ms Script
application/javascript 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/static/utils.SMv79TSG.js

Requested by

Host: www.adfactors.pro
URL: https://www.adfactors.pro/blog/it-doesnt-always-pay-to-follow-the-money

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd71777d5a335bc49503f5846962efec1be1413bfc763502b5f1e688065dfc1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nordvpn.com
Referer: https://nordvpn.com/static/StatusBar.DrZ4t8J5.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6745d10e-462"
age: 32505
expires: Sat, 31 May 2025 22:54:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:56 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 13:45:50 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=16070400
cf-ray: 8e8d7695ed8dd269-FRA
server: cloudflare

GET
H2

200

src=12123059;dc_pre=CPqp5ueL-4kDFU3SOwIdiLwoCA;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9181811535z86894354za201z...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9181811535z8...
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPqp5ueL-4kDFU3SOwIdiLwoCA;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...

42 B
118 B

62ms
61ms

Image
image/gif

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPqp5ueL-4kDFU3SOwIdiLwoCA;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017?

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 26 Nov 2024 22:54:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPqp5ueL-4kDFU3SOwIdiLwoCA;type=retar0;cat=purea0;ord=2759581512782;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9181811535z86894354za201zb6894354;gcs=G101;gcd=13p3tPp2p7l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 26 Nov 2024 22:54:57 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 info Show response
web-api.nordvpn.com/v1/ips/ 246 B
874 B 141ms
139ms Fetch
application/json 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-api.nordvpn.com/v1/ips/info

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/static/getUserConnectionData.T9flXNtN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55044f769a92c89267506ed1d1d32468a65844658e15e9748f77f70e94651e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

access-control-max-age: 1728000
access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:57 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e8d76969a66d370-FRA
access-control-allow-origin: https://nordvpn.com
content-length: 182
server: cloudflare

GET
H2 200 favicon-32x32.ico
sb.nordcdn.com/m/c2970e7f852deac/original/ 4 KB
1 KB 25ms
15ms Other
image/x-icon 2600:9000:2644:ce00:6:e337:e340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sb.nordcdn.com/m/c2970e7f852deac/original/favicon-32x32.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:ce00:6:e337:e340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bf501d080fa31608ed7ae99d934acab7bc42082695711bd09032e3a1bd51aae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

content-encoding: gzip
age: 44721
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: zBnr2b3qb5WuT9zfiZFD3p-4rYxD2Rxq4Y7Glgld9OHy5jBxxVb5Bg==
date: Tue, 26 Nov 2024 10:29:36 GMT
content-type: image/x-icon
content-disposition: attachment;filename="favicon-32x32.ico"
strict-transport-security: max-age=63072000; includeSubdomains
x-api-correlation-id: 0c0428d7-056e-35c1-e99a-a05d58884da5
cache-control: public, max-age=172800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P6
server: nginx

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 262ms
261ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4bk0v874252800z86894354za200&_p=1732661696351&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=287145358.1732661696&ul=de-de&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1732661696&sct=1&seg=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017&dt=NordVPNs%20Black-Friday-Deal%20%7C%20NordVPN&_s=3&tfd=2374

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-ray: 8e8d76979ff3d269-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 26 Nov 2024 22:54:57 GMT
server: cloudflare
priority: u=1,i

POST
H3 202 cc
d.nordvpn.com/1/ 0
369 B 151ms
148ms Ping
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordvpn/prod/index.js?cu=https://d.nordvpn.com/1/cc&p=nordvpn&cv=nordvpn-main@0.156.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 3746aa0e757a7ce31e05ec7d6c4f816c
access-control-max-age: 600
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray: 8e8d76979c84a040-FRA
access-control-allow-origin: https://nordvpn.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 26 Nov 2024 22:54:57 GMT
server: cloudflare
priority: u=4,i
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H3 200 collect
cm.nordvpn.com/g/ 0
0 209ms
208ms Fetch 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4bk0v874252800za200&_p=1732661696351&gcs=G101&gcd=13p3tPp2p7l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=287145358.1732661696&ul=de-de&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=4&sid=1732661696&sct=1&seg=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2Fspecial%2F%3Futm_medium%3Daffiliate%26utm_term%3D%26utm_content%26utm_campaign%3Doff15%26utm_source%3Daff68017&dt=NordVPNs%20Black-Friday-Deal%20%7C%20NordVPN&en=status_bar_loaded&_ee=1&ep.consent_ver=v2gdpr&ep.cf_country=DE&ep.experiment=prxBJ.1&ep.product=nordvpn&ep.version=nordvpn-main%400.156.0&ep.page_lang=DE&ep.status=unprotected&_et=503&tfd=7375

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nordvpn.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-ray: 8e8d76b6dbf9d269-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 26 Nov 2024 22:55:02 GMT
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go.nordvpn.net
URL: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=68017&url_id=902

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.nordrvpn.com/	1970-01-21 10:53:41	Name: _ga Value: GA1.2.6741990.30584930414
.www.nordrvpn.com/	1970-01-21 10:53:41	Name: h Value: 6d3e0af1
go.nordvpn.net/	1970-01-21 01:19:08	Name: aff_ran_url_15 Value: 902
go.nordvpn.net/	1970-01-21 10:53:41	Name: enc_aff_session_15 Value: ENC03c183351d58b131e3fc7807d5e48feaf3054505a637853c63a1ff18bf7d49ffcf5cfa22bf80306dacaa46b9d5f3c6ab3fe9f253ff53a4d383c63a7d13eec493884227d596b4198d9d974f91618d8909611640483afe0158fe9457a901121b41a43c3d8d150f865fb0af804a136606df53a926df5ce757f1084befe88b72e0dd8816b36d4c
go.nordvpn.net/	1970-01-21 10:53:41	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.nordvpn.com/	1970-01-21 02:00:53	Name: aff_id Value: 68017
.nordvpn.com/	1970-01-21 02:00:53	Name: aff_transaction_id Value: 1023071103b8f8f3ae4e1b8434959e
.nordvpn.com/	1970-01-21 02:00:53	Name: nordvpn_aff_id Value: 68017
.nordvpn.com/	1970-01-21 02:00:53	Name: nordvpn_aff_transaction_id Value: 1023071103b8f8f3ae4e1b8434959e
.nordvpn.com/	1970-01-21 01:17:43	Name: __cf_bm Value: VoUevsgBiRVwHIpsNc_oOYjIv7JGHfec0UF_roQdyps-1732661695-1.0.1.1-pD1xBUdy4AdK1kLRj4lFMo1.lvgt89N2xmFroSfc01jnL.le5UPLoHTkehiKw7_l9uDuvVeeQMcdhevSpmtRJh1aveSQEdGLXAy2wdNBsqA
.nordvpn.com/	1970-01-21 03:27:17	Name: experiment_local Value: prxBJ.1
.nordvpn.com/	1970-01-21 10:03:17	Name: locale Value: de
.nordvpn.com/	1970-01-21 10:53:41	Name: nc Value: 1732696459834
.nordvpn.com/	1970-01-21 10:53:41	Name: nci Value: 27
.nordcdn.com/	1970-01-21 01:17:43	Name: __cf_bm Value: XVErltX4yteXg4tqK3xD.m0vP9l14xct3pehDPOmjX0-1732661696-1.0.1.1-G1U28DUFLT9HjQSp6LIc79ryuaJ7Y_KUgPvH5sqvWSN0Qig_jEM2YhKcO4.EN1gjdIv7g37M1uiz72usBSmAUw
.nordvpn.com/	1970-01-21 10:53:41	Name: consent Value: ignored%2CES
.nordvpn.com/	1970-01-21 02:00:53	Name: at Value: a
.nordvpn.com/	1970-01-21 10:53:41	Name: nv_tri Value: TC_6153961923254114_1732661696149
.nordvpn.com/	1970-01-21 10:53:41	Name: _ga Value: GA1.1.287145358.1732661696
.nordvpn.com/	1970-01-21 01:27:46	Name: font-css-en Value: true
.nordvpn.com/	1970-01-21 05:39:46	Name: FirstSession Value: source%3Daff68017%26campaign%3Doff15%26medium%3Daffiliate%26term%3D%26content%3D%26hostname%3Dnordvpn.com%26date%3D20241126%26query%3Dnull
.nordvpn.com/	1970-01-21 05:39:46	Name: CurrentSession Value: source%3Daff68017%26campaign%3Doff15%26medium%3Daffiliate%26term%3D%26content%3D%26hostname%3Dnordvpn.com%26date%3D20241126%26query%3Dnull
.nordvpn.com/	1970-01-21 10:53:41	Name: _ga_LEXMJ1N516 Value: GS1.1.1732661696.1.1.1732661697.0.0.0
.nordvpn.com/	1970-01-21 10:53:41	Name: nv_trs Value: 1732661696150_1732661697203_1_7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cm.nordvpn.com
d.nordvpn.com
go.nordvpn.net
ic.nordcdn.com
nordvpn.com
pagead2.googlesyndication.com
s1.nordcdn.com
sb.nordcdn.com
visit.nordvpn.com
web-api.nordvpn.com
www.adfactors.pro
www.googletagmanager.com
www.nordrvpn.com
go.nordvpn.net
104.19.159.190
136.243.255.71
142.250.184.226
148.251.194.160
2600:9000:2644:ce00:6:e337:e340:93a1
2606:4700:3037::6815:3deb
2606:4700::6810:9b6f
2606:4700::6810:9c6f
2a00:1450:4001:806::2008
2a00:1450:4001:82f::2002
52.16.200.194
13118ce86a9c763135c8316a93b6d9cb030b138b5d64c9d72523d6fe00600f65
133d9660262505884ba3e7beb7b22543fdb3887633f59225c15ecb262f665e70
1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37
157c4dcc9c09d777c316636c8e13846f282d416d1b81c14caac4830202fdffd6
340e4c036426f81fc0c02d82d346c8fe6273fc29e7f824e22a409132d77e1987
38ab263da7c8192b85ca90d0985f8845920ab04668a88fdcdc31d5a42176c3da
428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4
42eccc78615360d82869e1818f131afb7fc79b0e55a935d31153ef8963eae249
45487a96a35b5fcc477c8fa8e0542ab58116d1c53157cac1886773bd15c20b32
4d392f9691ae4316fa5b8f7fbe9fa46f46d5854472cfc87ec4c265d348f47b78
4f615e21972aa9a35750b2fe6c754682924ed4d489b9a559740a651921a206ba
5d5d7e302140596c640b90d7aa99eca4d55f838f9db6bd243b651451afc3f97d
60ad364ac02304e79f4a7ade0817f6468b9088c55e2ab4260a5675c44387d1d7
6435ad8995a613898a0389620396c87652b8e3e4954658134ef3abb71e4a4d43
71867ba089cf906c39bb6a75c67ee28a3f833ec3d4bb70d8e7208a47269286e7
74e68069e40cf54f07267b040a95db50a85af6c16174650904c7a500a4864af9
75f28438681332b67561059131289f90d029016eec52cb8fc0f2a5b37ab7d08c
7888ef1643c5844e46c6860b4f15e17b0c1c370d8442d6b4e22f506f1a4c512b
7eb93cb739188221ee216568e15240212eed67056b39197e03f59e221e54b1fd
81422deb219a4101ce11762613ab0effb148923e37fdef95ef355f7c296e8aef
83b017bb584a673095864665dab48414845b493d2e6b8c5408146c24f5c4c2a6
918b496f2d7df4da683d93d003184d1ac777a4c326e76fc2c3a179faf371661d
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
9eb0c97b23bfa7da6372f990dd9819e659ae96e23d9ed3c73cd5f0ff8702c80a
a401bfd5f68e114c14d189aa89a07c965b1f1a95d9fbf1be26bb1c0c61f3c671
a9afc260a919d8d1bb216a9b7df2703ae514a31ffb6e6da50b1b0c0779a0230a
acb3e0c7f2d097b40042fd230dc679889cf52ef6b489ef63265bc200fa77c485
b3873580431747aacdacc43d1b0862a510b57654bbed1324659e6e54b2c2dd2a
b4e4b4b4e76670caf3e6a1ee668452a49c89c078283b628ff39c4d387ddee125
b655168e9989f485eb4530d31bd068df3b6670d5e8a4cd29997ca8d4288280f4
bcfee41c54f433763c25b476128fe2596defd170ec0dd4e125d7cd4ccd547541
bd71777d5a335bc49503f5846962efec1be1413bfc763502b5f1e688065dfc1d
bdf29f5c13a9b600b3fba50595d629651486e80b0178d7ccbb6a74181068ecbb
bf501d080fa31608ed7ae99d934acab7bc42082695711bd09032e3a1bd51aae6
c7c0b48a5a0f3fbf188fb1f003a10a87e9c2582ce384bb049c95ec02a1bf0cb9
c8e24310b0e306003276b69c77726f8c30d61ab75bc1cac841e36e999c43bb0f
ca65cb60995cf3a000e62d4b22a7d29de6906a3f06104b16e14d6fb9c637b599
cac3b60c321f2493e73a2573f9fd876b71a9ecc7569732086e55ab501771762c
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
d73b9480d8d2debceaf26b4a3bff2b66f05b2f42075b84dda559de751d3fc16d
da3e97fc8b90051eab8a7670eb9a98cdfbc8fb0fa4e5d48d617c2247af2276c5
de0325a13ab6a280224d773212ff7d7e49cc8c7bb3a2adc54482dc27618516f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62604c350cd9d4a810c70c4ec22e51fbd3fb3d0cca33290f111d99ab7204d63
e6aa86eba73af9f8e98be05ae70f377ec444d2275c797543416a93c0650dbeea
eb3f6afa144e39e11e94a9fa5453ce957e0973c12d217f961bdc503cddc8962c
ec10afae1ac9fdaecdf59e56b77e2c8fcc06832cc80610694ab0a7a17d1166f5
ed81053eb4b9f090fa93d5c381f581d684e4a539e9a7ee5680930883939bc1d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f147b5cf0f2cef04d78bea4e9f1def0825c5084e889343c5f31663869ceae0a6
f1682d58334ca25a50881401471ffa7902026f9b17d19bff01b0b5b0fd99113e
f55044f769a92c89267506ed1d1d32468a65844658e15e9748f77f70e94651e3
f740867eaa2dc873ffd28633c2c39d7173e00ffdd2a2b2125274794785aa2273
fb8c5444b8c06eb6279ff03817cc1393cba1c0f71c9d4adad1f99dff829e7259

nordvpn.com Open in urlscan Pro 104.19.159.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

55 %IPv6

7 Domains

14 Subdomains

9 IPs

4 Countries

958 kBTransfer

2367 kBSize

24 Cookies

11 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nordvpn.com Open in urlscan Pro
104.19.159.190 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

55 %
IPv6

7
Domains

14
Subdomains

9
IPs

4
Countries

958 kB
Transfer

2367 kB
Size

24
Cookies

72 HTTP transactions
3 data transactions