nordvpn.com Open in urlscan Pro
104.17.49.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://coolrom.com.au/
Effective URL:
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
Submission: On December 16 via manual (December 16th 2022, 9:35:46 am UTC) from US — Scanned from AU

Summary HTTP 140 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 32 domains to perform 140 HTTP transactions. The main IP is 104.17.49.74, located in and belongs to CLOUDFLARENET, US. The main domain is nordvpn.com. The Cisco Umbrella rank of the primary domain is 18021.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2022. Valid for: a year.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	172.66.43.149 172.66.43.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
5	142.250.4.97 142.250.4.97	15169 (GOOGLE) (GOOGLE)
7	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
3	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
1 1	99.81.126.252 99.81.126.252	16509 (AMAZON-02) (AMAZON-02)
1 18	104.17.49.74 104.17.49.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.90.60 13.33.90.60	16509 (AMAZON-02) (AMAZON-02)
7	104.22.55.232 104.22.55.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	103.231.98.193 103.231.98.193	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.84.162.5 104.84.162.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.130.169.24 216.130.169.24	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	23.44.27.86 23.44.27.86	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.75.85.227 23.75.85.227	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.195.152.23 23.195.152.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.254.151.60 104.254.151.60	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.220.48.165 52.220.48.165	16509 (AMAZON-02) (AMAZON-02)
1 1	8.2.108.175 8.2.108.175	46636 (NATCOWEB) (NATCOWEB)
1	104.84.173.189 104.84.173.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
2	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
1	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
3	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
28	104.17.167.30 104.17.167.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
4	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
1	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
3	142.250.4.103 142.250.4.103	15169 (GOOGLE) (GOOGLE)
1 2	142.251.12.149 142.251.12.149	15169 (GOOGLE) (GOOGLE)
1	23.12.23.226 23.12.23.226	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.33.90.128 13.33.90.128	16509 (AMAZON-02) (AMAZON-02)
5 7	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	142.251.10.155 142.251.10.155	15169 (GOOGLE) (GOOGLE)
2 2	52.74.13.196 52.74.13.196	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	103.231.98.194 103.231.98.194	() ()
1 1	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
140	30

10 172.66.43.149 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coolrom.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

spn-v1.revampcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.126.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-126-252.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.17.49.74 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.90.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-90-60.sin2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.22.55.232 (None, )

ASN13335 (CLOUDFLARENET, US)

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.162.5 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-162-5.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.130.169.24 (United States)

ASN27257 (WEBAIR-INTERNET, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.27.86 (Jakarta, Indonesia) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-27-86.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.195.152.23 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.151.60 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.48.165 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-48-165.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.108.175 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.173.189 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-173-189.deploy.static.akamaitechnologies.com

l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.17.167.30 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.4.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net

12123059.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.12.23.226 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-12-23-226.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.90.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-90-128.sin2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 15.197.193.217 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.13.196 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.194 (None, ) 1 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 205496	342 KB
18	nordvpn.com 1 redirects visit.nordvpn.com — Cisco Umbrella Rank: 656820 nordvpn.com — Cisco Umbrella Rank: 18021 cm.nordvpn.com — Cisco Umbrella Rank: 334168	67 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	41 KB
14	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 12123059.fls.doubleclick.net — Cisco Umbrella Rank: 478721 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	196 KB
10	coolrom.com.au 1 redirects coolrom.com.au — Cisco Umbrella Rank: 206882	71 KB
9	adsrvr.org 5 redirects js.adsrvr.org — Cisco Umbrella Rank: 1410 insight.adsrvr.org — Cisco Umbrella Rank: 596 match.adsrvr.org — Cisco Umbrella Rank: 315	8 KB
8	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 2941 l3.aaxads.com — Cisco Umbrella Rank: 4424	148 KB
7	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835 eus.rubiconproject.com — Cisco Umbrella Rank: 529 token.rubiconproject.com Failed pixel.rubiconproject.com — Cisco Umbrella Rank: 309	23 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 67184 www.google.com.au — Cisco Umbrella Rank: 25340	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	295 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com tpc.googlesyndication.com Failed	20 KB
3	revampcdn.com spn-v1.revampcdn.com — Cisco Umbrella Rank: 93072	116 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	625 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	media.net hbx.media.net — Cisco Umbrella Rank: 1208 contextual.media.net — Cisco Umbrella Rank: 540	11 KB
2	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449 simage2.pubmatic.com	598 B
1	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	253 B
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 801	342 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 658	530 B
1	ck-ie.com 1 redirects us.ck-ie.com — Cisco Umbrella Rank: 4358	485 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 629	439 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1460	738 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 6135	323 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 413	1 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1822	40 KB
1	nordvpn.net 1 redirects go.nordvpn.net — Cisco Umbrella Rank: 311304	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com Failed	31 KB
0	casalemedia.com Failed dsum-sec.casalemedia.com Failed
0	googletagservices.com Failed www.googletagservices.com Failed
0	clientgear.com Failed event.clientgear.com Failed
0	servenobid.com Failed ads.servenobid.com Failed
140	32

	Domain	Requested by
28	s1.nordcdn.com	nordvpn.com s1.nordcdn.com
14	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com nordvpn.com
12	cm.nordvpn.com	nordvpn.com www.googletagmanager.com www.google-analytics.com
10	coolrom.com.au	1 redirects coolrom.com.au
7	c.aaxads.com	spn-v1.revampcdn.com c.aaxads.com sync.adkernel.com
7	securepubads.g.doubleclick.net	coolrom.com.au securepubads.g.doubleclick.net www.datadoghq-browser-agent.com
5	match.adsrvr.org	4 redirects 12123059.fls.doubleclick.net
5	nordvpn.com	coolrom.com.au nordvpn.com s1.nordcdn.com
5	www.googletagmanager.com	coolrom.com.au nordvpn.com www.googletagmanager.com
4	www.google.com.au	nordvpn.com
4	eus.rubiconproject.com	c.aaxads.com hbx.media.net eus.rubiconproject.com
3	www.google.com	nordvpn.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	spn-v1.revampcdn.com	coolrom.com.au spn-v1.revampcdn.com
2	ups.analytics.yahoo.com	2 redirects
2	insight.adsrvr.org	1 redirects js.adsrvr.org
2	js.adsrvr.org	12123059.fls.doubleclick.net insight.adsrvr.org
2	12123059.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.com	securepubads.g.doubleclick.net 12123059.fls.doubleclick.net
2	ib.adnxs.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
1	x.bidswitch.net	1 redirects
1	simage2.pubmatic.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	servedby.flashtalking.com	12123059.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	contextual.media.net	hbx.media.net
1	dis.criteo.com	1 redirects
1	l3.aaxads.com
1	us.ck-ie.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	hbx.media.net	c.aaxads.com
1	sync.adkernel.com	c.aaxads.com
1	www.aaxdetect.com
1	hbopenbid.pubmatic.com	spn-v1.revampcdn.com
1	id5-sync.com	spn-v1.revampcdn.com
1	www.datadoghq-browser-agent.com	spn-v1.revampcdn.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
1	ajax.googleapis.com	coolrom.com.au
0	dsum-sec.casalemedia.com Failed	js.adsrvr.org
0	fonts.googleapis.com Failed	227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com
0	www.googletagservices.com Failed	227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com
0	tpc.googlesyndication.com Failed	227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com securepubads.g.doubleclick.net
0	token.rubiconproject.com Failed	eus.rubiconproject.com
0	event.clientgear.com Failed	hbx.media.net
0	ads.servenobid.com Failed	spn-v1.revampcdn.com
140	51

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com
nordlayer.com
support.nordvpn.com
account.nordvpn.com
nordpass.com
nordlocker.com
youtu.be
twitter.com
go.onelink.me
nordsecurity.com
nordvpn.org
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.revampcdn.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
aaxads.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-12`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.nordcdn.com AlphaSSL CA - SHA256 - G2	`2022-02-21` - `2023-03-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
Frame ID: A392FDBE69401875EAB8BDFC34DAB539
Requests: 112 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=367%2C369%2C348%2C29%2C292%2C250%2C265%2C368%2C249%2C310%2C219%2C380%2C241%2C195%2C267%2C229%2C251%2C371%2C264%2C89%2C291%2C282%2C209%2C159%2C97%2C263%2C23%2C271%2C213%2C356%2C203%2C167%2C3004%2C206%2C272%2C231%2C353%2C361&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 7919FDA6190796ADEB2BDF803A625398
Requests: 4 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=nat&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=A7889496589820330964
Frame ID: 627FA50F4090FC4F71F02D4826FE5A27
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aax
Frame ID: 269C6CC1A9FF64AF581177EC2DF9B30A
Requests: 3 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXXX4L07&cmode=1&cv=35&prvid=29,97,109,251&gdpr=0&gdprconsent=0&usp_status=0&usp_consent=1&https=1
Frame ID: D5E7DA3C20672096BCFA220BADB7A036
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 4BE30F0865B3E64712B3CF9F7C280A4E
Requests: 3 HTTP requests in this frame

Frame: https://227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A673629DD9CA3397A53D31896306FE0
Requests: 1 HTTP requests in this frame

Frame: https://227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 130B657C31A2E4633D2E7CB6FB714BC6
Requests: 4 HTTP requests in this frame

Frame: https://227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 16A7C22324226337E7312BA04D64CA2D
Requests: 5 HTTP requests in this frame

Frame: https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822
Frame ID: 055CF06EA1742427DE202DD460B7EEF5
Requests: 5 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=cyfpmts&ref=https%3A%2F%2Fnordvpn.com%2F&upid=d0g72j6&upv=1.1.0
Frame ID: 27D4E1ADE49E2CB3A47C81265C2B601C
Requests: 2 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=436d7212-36f6-4247-9692-cc9df2d97571&expiration=1673775346&gdpr=0&gdpr_consent=
Frame ID: 042E1B8E170156C8B3D8B12E99A6AEDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The best online VPN service for speed and security | NordVPNNordVPN logo-68%-68%

Page URL History Show full URLs

https://coolrom.com.au/ Page URL
https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert HTTP 302
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert HTTP 302
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102f97a4091c0ca0f13fcfde43bdf4&... HTTP 302
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

87 %
HTTPS

0 %
IPv6

32
Domains

51
Subdomains

30
IPs

8
Countries

1525 kB
Transfer

4116 kB
Size

59
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://my.nordaccount.com/legal/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://nordlayer.com/business-vpn/
Title: Business VPN

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/oauth2/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://nordpass.com/
Title: Password management

Search URL Search Domain Scan URL

URL: https://nordpass.com/business-password-manager/
Title: BusinessBusiness password solutions

Search URL Search Domain Scan URL

URL: https://nordlocker.com/
Title: Encryption with cloud storage

Search URL Search Domain Scan URL

URL: https://youtu.be/nVyuyXXwEws?t=114
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/TXLUafBNjnc?t=215
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/ev3GMJXKHSI?t=330
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/fsoonekindt/status/1478414021065859075
Title: Fabrice Soonekindt@fsoonekindtI never could've securely searched nor browsed the internet as an internaut nowadays on any of my devices the way it was meant to be: Browsing freely/ without data collection- and tracking from the start, without the help of my favourite virtual network @NordVPN Grateful for it!7:12 PM – 4 Jan 2022

Search URL Search Domain Scan URL

URL: https://twitter.com/CmDHoVeR/status/1485615200459968518
Title: Harsh@CmDHoVeR@NordVPN clearly has the BEST customer service Worldwide. You get conected to a support assistant faster than electricity. The team members are so qualified that a solution to the problem is reached even before it gets to your brains.4:07 PM – 24 Jan 2022

Search URL Search Domain Scan URL

URL: https://twitter.com/kanthalaraghu/status/1490442154334130177
Title: Kanthala Raghu@kanthalaraghuI recently started using Nord VPN was so impressed that i even bought 2 years subscription for it. Loving the service, thanks @NordVPN for helping keep internet safe and protecting privacy.11:47 PM – 6 Feb 2022

Search URL Search Domain Scan URL

URL: https://go.onelink.me/42qk/9g9tok8i

Search URL Search Domain Scan URL

URL: https://go.onelink.me/42qk/jobanbwl

Search URL Search Domain Scan URL

URL: https://nordsecurity.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://nordvpn.org/
Title: Social Responsibility

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/FAQ/NordVPN-setup-tutorials/
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/FAQ/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/legal/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/legal/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nordvpn/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NordVPN/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nord-vpn/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSZhRxyloC-qzURiOa3vbFQ/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nordvpn/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://nordsecurity.com/
Title: Nord Security

Search URL Search Domain Scan URL

URL: https://nordlayer.com/
Title: NordLayer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://coolrom.com.au/ Page URL
https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert HTTP 302
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert HTTP 302
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102f97a4091c0ca0f13fcfde43bdf4&source=&aff_sub=CoolROM_Alert&url={url} HTTP 302
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aax HTTP 301
https://eus.rubiconproject.com/usync.html?p=aax

Request Chain 30

https://ib.adnxs.com/getuid?https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3141849361535525000V10%26wbsh%3Dapx%26uhiXuo%3D%26ylg%3D11833366993141849361535525000V10%26ryvlg%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fc.aaxads.com%252Faacxc.php%253Ffv%253D1%2526yvlg%253D3141849361535525000V10%2526wbsh%253Dapx%2526uhiXuo%253D%2526ylg%253D11833366993141849361535525000V10%2526ryvlg%253D%2524UID HTTP 302
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=apx&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=5573947107601337309

Request Chain 31

https://ads.yieldmo.com/pbsync?is=aax&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3141849361535525000V10%26wbsh%3Dyld%26uhiXuo%3D%26ylg%3D11833366993141849361535525000V10%26ryvlg%3D%24UID HTTP 302
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=yld&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=g74b08fe511eed7d1ff0&gdpr=&gdpr_consent=&us_privacy=

Request Chain 32

https://us.ck-ie.com/aax936.gif?gdpr={$GDPR}&gdpr_consent={$GDPRConsent}&us_privacy={$USPrivacy}&coppa={$COPPA}&redir={$REDIR} HTTP 302
https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=c4d75523f4043c5d429448afe2b1c942cfaa60d065820be0dcde39dcb477f77d

Request Chain 34

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 35

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=cfdb8db9-703e-4fe2-b2e5-93d25aa8037d

Request Chain 36

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4689a0c6-9890-4e3f-a84f-3a7e5dde331a

Request Chain 119

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822 HTTP 302
https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822

Request Chain 138

https://insight.adsrvr.org/track/pxl/?adv=cyfpmts&ct=0:jf8p7o8&fmt=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDM2ZDcyMTItMzZmNi00MjQ3LTk2OTItY2M5ZGYyZDk3NTcx&gdpr=0&gdpr_consent=&ttd_tdid=436d7212-36f6-4247-9692-cc9df2d97571 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=436d7212-36f6-4247-9692-cc9df2d97571&google_gid=CAESEBqMAFwRg46P7fupXopZc3E&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=436d7212-36f6-4247-9692-cc9df2d97571&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=436d7212-36f6-4247-9692-cc9df2d97571&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-HyXtN1tE2uLuAKYe6k2ABOjAM0S1UQ0-~A&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=436d7212-36f6-4247-9692-cc9df2d97571&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=436d7212-36f6-4247-9692-cc9df2d97571&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=436d7212-36f6-4247-9692-cc9df2d97571&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

140 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
coolrom.com.au/ 33 KB
11 KB 531ms
342ms Document
text/html 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45
Resource Hash: dbb7d3cfa34ad462fa1f62e7b1c5717106b0e0ddc8205a836b935137597b1863

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, UPDATE, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a66dffc8275ab0-MEL
content-encoding: br
content-type: text/html
date: Fri, 16 Dec 2022 09:35:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfjw75yOJjjFzkPd7gKBZ7ieh281xa5pTgtUGEP1I%2BZERYCphbquvzWmqz8rzRe9PhREl4Uqia5Tu1nxnxjWLiuGRSrHkkpO%2BpF4Q971%2BSoSl6uM%2BiM3vy9c4p1fPFMEwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45

GET
H2 200 style.css
coolrom.com.au/css/ 5 KB
2 KB 100ms
97ms Stylesheet
text/css 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/css/style.css
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c88d196e9ff61e257364d7fe0bcb83f22efe74b2259758d333d22358cb2264

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Jul 2022 01:16:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 92468
etag: W/"62dc9d50-140a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roSa%2BStp%2F8Lwg%2Fiw85OcLrFIbVstu2VdjR6Sd3qD2Lj0j2PxbCzmjfEiffQv1NtJCwg3xpMdfqv88S3wnkBwIOBJ%2F0UkzihYuMzg7cNLJ%2BQMrVfn%2F0CkLGjrWQ2rMEhsDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66e021ccd5ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 17 Dec 2022 01:32:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 657ms
218ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 03:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 03:24:15 GMT

GET
H3 200 jquery-scrolltofixed-min.js Show response
coolrom.com.au/js/ 4 KB
2 KB 124ms
123ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/jquery-scrolltofixed-min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8116044518d0810f5ba5e77f6aa06b8805b2caf2d83bcb053455800ec7c12d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2013 03:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 122969
etag: W/"52aa78e5-f65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo9EGyKHRcSfyaebR%2FbkSnowEqf4tWcP9kuuhQa7jKtRY9B1tNcsHY5385KRWFz6oWgfImZS0NHudVVW3IadVybUjl8HNsi%2BNBMWiRMjppURNwCFUSwKrlJ1FnPoOQA%2FqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66e036f7117ca-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Dec 2022 16:59:22 GMT

GET
H2 200 dropmenu.min.js Show response
coolrom.com.au/js/ 5 KB
2 KB 102ms
101ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/dropmenu.min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96043f2902775b9903b1880464403573442b2abcfae52de51771388149f84147

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 27 Jan 2019 19:51:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 157239
etag: W/"5c4e0ba7-15b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0m%2Bzl4SHPHwfU65NmiarLkNXhyDGI0RWntcE1Mno8UtmOyZuRDmgkes%2FHOBNen8bcWIbx9fDgLk%2B4lAlpk2SozuX%2BOvDAzWMzRLCc000qPlqE9ekSHi%2F2StPk9%2FONnEMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66e021cd15ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 17:22:29 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 109 KB
43 KB 664ms
226ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3213938-1

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43588
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 09:35:35 GMT

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 662ms
218ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27665
x-xss-protection: 0
server: sffe
etag: "1422 / 672 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Dec 2022 09:35:36 GMT

GET
H2 200 prebid-client.js
spn-v1.revampcdn.com/prebid/coolrom/ 230 KB
67 KB 278ms
91ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.920.0
date: Fri, 16 Dec 2022 09:35:35 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 149030
x-cache: HIT, HIT
x-envoy-upstream-service-time: 37
x-region: VIC
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 68261
x-request-id: cfa482bc-d7f7-4af2-be10-ebabc5cd2bce
x-served-by: cache-ams12767-AMS, cache-mel11247-MEL
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671183336.833766,VS0,VE0
etag: W/"a73e66c998711b7728ebe4b09241e40c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: AU
x-cache-hits: 983, 2753

GET
H2 200 coolrom.js
spn-v1.revampcdn.com/publishers/ 213 KB
49 KB 276ms
89ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://coolrom.com.au/
Origin: https://coolrom.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.930.0
date: Fri, 16 Dec 2022 09:35:35 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 90691
x-cache: HIT, HIT
x-envoy-upstream-service-time: 805
x-region: VIC
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49533
x-request-id: 9cb1b6e5-722d-4a8d-95ab-b530dbf42ac7
x-served-by: cache-ams21023-AMS, cache-mel11232-MEL
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671183336.831803,VS0,VE0
etag: W/"6915958921702022db761f2cd2ada8b4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: AU
x-cache-hits: 59, 2

GET
H3 200 logo_christmas.gif
coolrom.com.au/images/ 8 KB
8 KB 205ms
204ms Image
image/gif 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/logo_christmas.gif
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97271
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8087
last-modified: Wed, 22 Nov 2006 08:07:59 GMT
server: cloudflare
etag: "4564055f-1f97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlS3AQn1y6kfFgLuJaIujZZPpIleY7qwJKh6mNxpB0NZpHOOUvCBy4MssZGoVP4no22eBcext%2F2ZhB%2Fopg41mu01z1qyzSxG1%2FNRDEeOLUwH94KZt9raEuxwE7TNEmtBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66e07ce2b17ca-MEL
expires: Sat, 17 Dec 2022 06:02:14 GMT

GET
H3 200 Tekken%203.jpg
coolrom.com.au/screenshots/psx/ 13 KB
14 KB 205ms
204ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Tekken%203.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13425
last-modified: Wed, 30 Jan 2019 19:45:01 GMT
server: cloudflare
etag: "5c51febd-3471"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRaExdV4FYPvKjKbqn8q7CvitfVrCn9u8SyQF5%2FAhvAU3quEXK1vVA%2BxgK24Yfswn30k8YkHlzkfYO7yJpdcBlUVwxV%2BdbYtAbYVzBwUlEJQg3EFTjAMeHpDp4gEOJLOaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66e07ce2d17ca-MEL
expires: Fri, 16 Dec 2022 17:43:24 GMT

GET
H3 200 Crash%20Bandicoot.jpg
coolrom.com.au/screenshots/psx/ 16 KB
17 KB 113ms
112ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Crash%20Bandicoot.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16609
last-modified: Wed, 30 Jan 2019 19:45:00 GMT
server: cloudflare
etag: "5c51febc-40e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojgkEP7c12xLt3vC8lFVjhQybWCiKdGqy5EaX%2F%2BIQREhMpbwKhYjweL2E5A7pJn18gAfVMN3gtT3gqjLllfco0zCbDK7xO%2B2W2aokllEd80EJh4HTaDoHSQNNG%2F27D3Z5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66e07ce2f17ca-MEL
expires: Fri, 16 Dec 2022 17:43:24 GMT

GET
H3 200 Jackie%20Chan%20Stuntmaster.jpg
coolrom.com.au/screenshots/psx/ 12 KB
13 KB 293ms
292ms Image
image/jpeg 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Jackie%20Chan%20Stuntmaster.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
last-modified: Wed, 30 Jan 2019 19:44:57 GMT
server: cloudflare
etag: "5c51feb9-3068"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVdqSH8Fq2yyDBjze%2FMkWfrjOAV0k%2F3RNWvY4gqBsv5NY2jRmQdWszO8qBG3UnY2ImfIg6qKcYSlfZV78sZoCjI0EghMNHWK8X%2FopEvzZGyiecV%2BuNR8wsRioh4I4MkxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66e07ce3017ca-MEL
expires: Thu, 15 Dec 2022 15:49:28 GMT

GET
H3 200 yall.min.js Show response
coolrom.com.au/js/ 3 KB
2 KB 108ms
108ms Script
application/javascript 172.66.43.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/yall.min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55f07029a3fb464d3ef67a0e9cbfa5bba081d4e79506e2cd620e71fbc69faa6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Jan 2019 00:35:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 157239
etag: W/"5c2ffbc4-cea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlwHQFllBS32OrHqekaDBc5CQXc%2FeW7nkT7KlQInvZg2NwRXWFBtsNYIZ3QlgjlYqFNMy04fN2%2BOFpjm%2B44H3ac%2Becjn5VJmPoQy%2BaPxpV8jy%2Bed64nB99n4%2ByhI9c9R1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66e02be6117ca-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 16:57:53 GMT

GET
H2

200

Primary Request / Show response
nordvpn.com/
Redirect Chain

https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102f97a4091c0ca0f13fcfde43bdf4&source=&aff_sub=CoolROM_Alert&url={url}
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

329 KB
54 KB

541ms
535ms

Document
text/html

104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea9cfa9d38927268f81f16bd8ef3595707f5c6da9230e12ca5d91872d10c752f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=1800
cf-cache-status: EXPIRED
cf-ray: 77a66e160dab5a9c-MEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 09:35:38 GMT
expires: Fri, 16 Dec 2022 10:05:38 GMT
last-modified: Fri, 16 Dec 2022 07:50:39 GMT
link: <https://nordvpn.com/>; rel=shortlink
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: front-au-web-2

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77a66e13c9585a9c-MEL
date: Fri, 16 Dec 2022 09:35:37 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://nordvpn.com?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 127 KB
40 KB 565ms
204ms Script
application/javascript 13.33.90.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.90.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-90-60.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:35 GMT
content-encoding: br
via: 1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 09:55:03 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 2
etag: W/"ffc4627ad2b2865dc2d4d24f7ebad9f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: NEcVVl82-KOBheZJC9cVe2nVeiILLgSPR0U0CNdyZVtyICNVLTumig==

HEAD
H3 200 coolrom.js
spn-v1.revampcdn.com/publishers/ 0
0 176ms
87ms Fetch
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.930.0
date: Fri, 16 Dec 2022 09:35:36 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 90692
x-cache: HIT, HIT
x-envoy-upstream-service-time: 805
x-region: VIC
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49533
x-request-id: 9cb1b6e5-722d-4a8d-95ab-b530dbf42ac7
x-served-by: cache-ams21023-AMS, cache-mel11264-MEL
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671183336.118046,VS0,VE0
etag: W/"6915958921702022db761f2cd2ada8b4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: AU
x-cache-hits: 59, 2

GET
H2 200 aax.js
c.aaxads.com/ 485 KB
136 KB 287ms
104ms Script
text/javascript 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=coolrom.com.au&ver=1.2

Requested by

Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:36 GMT
strict-transport-security: max-age=604800
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 09:06:08 GMT
server: cloudflare
age: 1768
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 77a66e0b6f8617c7-MEL
expires: Fri, 16 Dec 2022 09:36:08 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 348ms
87ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3213938-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 08:16:00 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4776
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 10:16:00 GMT

POST
H/1.1 200 691.json
id5-sync.com/g/v2/ 495 B
1 KB 1006ms
333ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/691.json

Requested by

Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://coolrom.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 09:35:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST adreq
ads.servenobid.com/ 0
0

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
115 B 526ms
172ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://coolrom.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://coolrom.com.au
date: Fri, 16 Dec 2022 09:35:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 200 collect
www.google-analytics.com/j/ 1 B
21 B 349ms
171ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1094477948&t=pageview&_s=1&dl=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=CoolROM.com%20-%20Play%20Retro%20Games%20on%20Your%20Computer%20or%20Mobile%20Device&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1987115250&gjid=723883320&cid=1071673608.1671183336&tid=UA-3213938-1&_gid=1088864240.1671183336&_r=1&gtm=2oubu0&z=1356285895

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coolrom.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 519ms
218ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Dec 2023 10:42:40 GMT

GET
H3 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 386 B
179 B 667ms
223ms XHR
application/json 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154
x-xss-protection: 0
expires: Fri, 16 Dec 2022 09:35:37 GMT

GET
H2 200 aacxs.php
c.aaxads.com/ Frame 7919 26 KB
10 KB 125ms
123ms Document
text/html 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=367%2C369%2C348%2C29%2C292%2C250%2C265%2C368%2C249%2C310%2C219%2C380%2C241%2C195%2C267%2C229%2C251%2C371%2C264%2C89%2C291%2C282%2C209%2C159%2C97%2C263%2C23%2C271%2C213%2C356%2C203%2C167%2C3004%2C206%2C272%2C231%2C353%2C361&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=coolrom.com.au&ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 77a66e0dbb1917c7-MEL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 09:35:36 GMT
expires: Sun, 18 Dec 2022 09:35:36 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: cloudflare
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
195 B 96ms
94ms Image
image/gif 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Dec 2022 09:35:36 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: cloudflare
age: 234530
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=1093640
accept-ranges: bytes
cf-ray: 77a66e0dbb1a17c7-MEL
content-length: 43
expires: Mon, 26 Dec 2022 08:14:06 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 645ms
210ms Image
image/gif 104.84.162.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.162.5 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-162-5.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 09:35:37 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=743161
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 25 Dec 2022 00:01:38 GMT

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 627F 411 B
738 B 1200ms
365ms Document
text/html 216.130.169.24
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=64583&r=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3141849361535525000V10%26wbsh%3Dnat%26uhiXuo%3D%26ylg%3D11833366993141849361535525000V10%26ryvlg%3D%7BUID%7D
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=367%2C369%2C348%2C29%2C292%2C250%2C265%2C368%2C249%2C310%2C219%2C380%2C241%2C195%2C267%2C229%2C251%2C371%2C264%2C89%2C291%2C282%2C209%2C159%2C97%2C263%2C23%2C271%2C213%2C356%2C203%2C167%2C3004%2C206%2C272%2C231%2C353%2C361&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 411
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Dec 2022 09:35:37 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 269C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aax
https://eus.rubiconproject.com/usync.html?p=aax

281 B
554 B

630ms
201ms

Document
text/html

23.75.85.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aax
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=367%2C369%2C348%2C29%2C292%2C250%2C265%2C368%2C249%2C310%2C219%2C380%2C241%2C195%2C267%2C229%2C251%2C371%2C264%2C89%2C291%2C282%2C209%2C159%2C97%2C263%2C23%2C271%2C213%2C356%2C203%2C167%2C3004%2C206%2C272%2C231%2C353%2C361&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-85-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Dec 2022 09:35:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 16 Dec 2022 09:35:37 GMT
location: https://eus.rubiconproject.com/usync.html?p=aax
server: AkamaiGHost

GET
H2 200 checksync.php
hbx.media.net/ Frame D5E7 27 KB
10 KB 581ms
229ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXXX4L07&cmode=1&cv=35&prvid=29,97,109,251&gdpr=0&gdprconsent=0&usp_status=0&usp_consent=1&https=1

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=367%2C369%2C348%2C29%2C292%2C250%2C265%2C368%2C249%2C310%2C219%2C380%2C241%2C195%2C267%2C229%2C251%2C371%2C264%2C89%2C291%2C282%2C209%2C159%2C97%2C263%2C23%2C271%2C213%2C356%2C203%2C167%2C3004%2C206%2C272%2C231%2C353%2C361&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9717
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 09:35:37 GMT
expires: Sun, 18 Dec 2022 09:35:37 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2

200

aacxc.php
c.aaxads.com/ Frame 7919
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3141849361535525000V10%26wbsh%3Dapx%26uhiXuo%3D%26ylg%3D11833366993141849361535525000V10%26ryvlg%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fc.aaxads.com%252Faacxc.php%253Ffv%253D1%2526yvlg%253D3141849361535525000V10%2526wbsh%253Dapx%2526uhiXuo%253D%2526ylg%253D1183336699314184...
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=apx&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=5573947107601337309

69 B
220 B

105ms
105ms

Image
image/gif

104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=apx&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=5573947107601337309

Requested by

Protocol

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:37 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
cf-ray: 77a66e148e9b17c7-MEL
content-length: 69
x-mnet-hl2: E
expires: Fri, 16 Dec 2022 09:35:37 GMT

Redirect headers

Date: Fri, 16 Dec 2022 09:35:37 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.209.254.59; 103.209.254.59; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 34cf8309-303c-473a-a132-9bf15c183f11
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=apx&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=5573947107601337309
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

aacxc.php
c.aaxads.com/ Frame 7919
Redirect Chain

https://ads.yieldmo.com/pbsync?is=aax&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3141849361535525000V10%26wbsh%3Dyld%26uhiXuo%3D%26ylg%3D11...
https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=yld&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=g74b08fe511eed7d1ff0&gdpr=&gdpr_consent=&us_privacy=

69 B
369 B

123ms
123ms

Image
image/gif

104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=yld&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=g74b08fe511eed7d1ff0&gdpr=&gdpr_consent=&us_privacy=

Requested by

Protocol

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:37 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
cf-ray: 77a66e125ac617c7-MEL
content-length: 69
x-mnet-hl2: E
expires: Fri, 16 Dec 2022 09:35:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:37 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=yld&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=g74b08fe511eed7d1ff0&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

aacxc.php
c.aaxads.com/ Frame 7919
Redirect Chain

https://us.ck-ie.com/aax936.gif?gdpr={$GDPR}&gdpr_consent={$GDPRConsent}&us_privacy={$USPrivacy}&coppa={$COPPA}&redir={$REDIR}
https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=c4d75523f4043c5d429448afe2b1c942cfaa60d065820be0dcde39dcb477f77d

69 B
251 B

104ms
104ms

Image
image/gif

104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=c4d75523f4043c5d429448afe2b1c942cfaa60d065820be0dcde39dcb477f77d

Requested by

Protocol

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:37 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
cf-ray: 77a66e145e5c17c7-MEL
content-length: 69
x-mnet-hl2: E
expires: Fri, 16 Dec 2022 09:35:37 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 09:35:37 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://c.aaxads.com/aacxc.php?fv=1&wbsh=smax&ryvlg=c4d75523f4043c5d429448afe2b1c942cfaa60d065820be0dcde39dcb477f77d
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK log
l3.aaxads.com/ 35 B
296 B 635ms
201ms Image
image/gif 104.84.173.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=693&dgw=desktop&flg=AAXXX4L07&fw=MELBOURNE&ff=AU&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=coolrom.com.au&vhuyqdph=ssp-serving-54794f6b58-bvt7k&vyu=121511_501_121410_471_ssp&vf=VIC&yhuvlrq=4&yk=1200&yz=1600&yvlg=3092549800428125000V10&ylg=00001671183336632020914407137053&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=5&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=NNN&jgsu=0&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=false&xvs_vwulqj=1YN-&xifd=12&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=692&fhqg=25&hqg=46&gvwduw=26&fvwduw=25&vwduw=26&uhtxuo=https%3A%2F%2Fcoolrom.com.au%2F&nzui=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.173.189 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-173-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 09:35:37 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 16 Dec 2022 09:35:37 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 4BE3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

613ms
209ms

Document
text/html

23.75.85.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXXX4L07&cmode=1&cv=35&prvid=29,97,109,251&gdpr=0&gdprconsent=0&usp_status=0&usp_consent=1&https=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-85-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://hbx.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Dec 2022 09:35:38 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 16 Dec 2022 09:35:37 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET

bidswitch
event.clientgear.com/cookie/ Frame D5E7
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=cfdb8db9-703e-4fe2-b2e5-93d25aa8037d

0
0

GET
H2

200

cksync.php
contextual.media.net/ Frame D5E7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4689a0c6-9890-4e3f-a84f-3a7e5dde331a

45 B
617 B

211ms
206ms

Image
image/gif

23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4689a0c6-9890-4e3f-a84f-3a7e5dde331a

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXXX4L07&cmode=1&cv=35&prvid=29,97,109,251&gdpr=0&gdprconsent=0&usp_status=0&usp_consent=1&https=1

Protocol

Server

23.195.152.23 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 09:35:37 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Fri, 16 Dec 2022 09:35:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:37 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4689a0c6-9890-4e3f-a84f-3a7e5dde331a
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1842671
content-length: 0
expires: Fri, 16 Dec 2022 00:00:00 GMT

GET
H2 200 integrator.js
adservice.google.com.au/adsid/ 107 B
792 B 658ms
220ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 107 B
549 B 671ms
227ms Script
application/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 78 KB
0 886ms
885ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1879445867901619&correlator=1264320693251954&eid=31071094%2C31071256%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=5302%3A22658400375%2CTD-desktop%2Ccoolrom%2Ccoolrom-en-defaultpage%2CATF_OOP_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=1&adks=3462582785&didk=1799906797&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Dgpt-interstitial%26type%3DOOP_Display_Interstitial%26hvi%3Dfalse&eri=1&cust_params=personalized%3D1%26ab_upr%3D4%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none&sc=1&cookie_enabled=1&abxe=1&dt=1671183337469&lmt=1671183337&dlt=1671183334667&idt=2762&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcoolrom.com.au%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1071673608.1671183336&ga_sid=1671183337&ga_hid=1094477948&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30083
x-xss-protection: 0
google-lineitem-id: 6064577988
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138398505018
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 261ms
260ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1879445867901619&correlator=840847672392343&eid=31071094%2C31071256%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=5302%3A22658400375%2CTD-desktop%2Ccoolrom%2Ccoolrom-en-defaultpage%2CATF_OOP_SlideIn&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&ifi=2&adks=271163039&didk=3269354892&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Datf-oop-slidein%26type%3Dnative_slidein%26hvi%3Dfalse%26slb_trigger_onscroll%3Dfalse&eri=1&cust_params=personalized%3D1%26ab_upr%3D4%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none&sc=1&cookie_enabled=1&abxe=1&dt=1671183337474&lmt=1671183337&dlt=1671183334667&idt=2762&adxs=-460&adys=1120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcoolrom.com.au%2F&frm=20&vis=1&psz=430x-1&msz=430x-1&fws=516&ohw=454&ga_vid=1071673608.1671183336&ga_sid=1671183337&ga_hid=1094477948&ga_fc=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10322
x-xss-protection: 0
google-lineitem-id: 5686429621
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363502967
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 625ms
624ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1879445867901619&correlator=4050193113019301&eid=31071094%2C31071256%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=5302%3A22658400375%2CTD-desktop%2Ccoolrom%2Ccoolrom-en-defaultpage%2CATF_Leaderboard_Sticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x100%7C500x90%7C468x60%7C468x90%7C728x90%7C750x100%7C970x90&ifi=3&adks=2245413831&didk=2753141582&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA2%26td-slot%3Dcustom-stickylb%26type%3Dbottom_sticky_leaderboard%26hvi%3Dfalse&eri=1&cust_params=personalized%3D1%26ab_upr%3D4%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none&sc=1&cookie_enabled=1&abxe=1&dt=1671183337477&lmt=1671183337&dlt=1671183334667&idt=2762&adxs=316&adys=2430&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcoolrom.com.au%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1071673608.1671183336&ga_sid=1671183337&ga_hid=1094477948&ga_fc=true&cbidsp=ClQIARIMCgVub2JpZBDoByADEg8KCHB1Ym1hdGljEJIEIAIYASIkMTdiMmIzMTktYzg3Mi00Y2ZjLTk1ZTItNWQzMzQ2MjQzODU3KgQIAyAASgBA6Ac.

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10605
x-xss-protection: 0
google-lineitem-id: 5832280966
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370796144
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 662ms
225ms XHR
application/json 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11178
x-xss-protection: 0

GET
H2 200 container.html
227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A67 6 KB
3 KB 660ms
219ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:35:38 GMT
expires: Sat, 16 Dec 2023 09:35:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022120601.js
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 216ms
215ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14018
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Dec 2023 10:33:05 GMT

GET
H2 200 container.html
227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 130B 6 KB
3 KB 343ms
220ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:35:38 GMT
expires: Sat, 16 Dec 2023 09:35:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js
eus.rubiconproject.com/ Frame 269C 34 KB
10 KB 203ms
202ms Script
text/html 23.75.85.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aax
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-85-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 09:35:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Dec 2022 20:16:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38452
Connection: keep-alive
Content-Length: 10066
Expires: Fri, 16 Dec 2022 20:16:30 GMT

GET
H2 200 aacxc.php
c.aaxads.com/ Frame 627F 69 B
244 B 113ms
113ms Document
image/gif 104.22.55.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3141849361535525000V10&wbsh=nat&uhiXuo=&ylg=11833366993141849361535525000V10&ryvlg=A7889496589820330964

Requested by

Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=64583&r=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3141849361535525000V10%26wbsh%3Dnat%26uhiXuo%3D%26ylg%3D11833366993141849361535525000V10%26ryvlg%3D%7BUID%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.55.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://sync.adkernel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 77a66e16599017c7-MEL
content-length: 69
content-type: image/gif
date: Fri, 16 Dec 2022 09:35:38 GMT
expires: Fri, 16 Dec 2022 09:35:37 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=604800
x-mnet-hl2: E

GET
H2 200 container.html
227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 16A7 6 KB
3 KB 218ms
217ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:35:38 GMT
expires: Sat, 16 Dec 2023 09:35:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js
eus.rubiconproject.com/ Frame 4BE3 34 KB
10 KB 211ms
211ms Script
text/html 23.75.85.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-85-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 09:35:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Dec 2022 20:16:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38452
Connection: keep-alive
Content-Length: 10066
Expires: Fri, 16 Dec 2022 20:16:30 GMT

GET khaos.jpg
token.rubiconproject.com/ Frame 269C 0
0

GET ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 130B 0
0

GET 13269334533242779079
tpc.googlesyndication.com/simgad/ Frame 130B 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 130B 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 16A7 0
0

GET css
fonts.googleapis.com/ Frame 16A7 0
0

GET 12444116532471404824
tpc.googlesyndication.com/simgad/ Frame 16A7 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 16A7 0
0

GET khaos.jpg
token.rubiconproject.com/ Frame 4BE3 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
69 KB 522ms
220ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ff5c0f311fbb2d268ea31dd76ca96f877d52a2376c6232030d28b7118ed8427d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 09:35:38 GMT

GET
H2 200 ga-set-dimensions.min.js Show response
s1.nordcdn.com/nordvpn/3.887.6/js/ 4 KB
2 KB 407ms
208ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.887.6/js/ga-set-dimensions.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:51:46 GMT
server: cloudflare
age: 2112
etag: W/"62cc2af2-fa1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a4cfe91-MEL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
98 KB 699ms
398ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0e1a2e6ebcc8ac89f647d5efbad9af5fddcb222f374e13049b384f15290a6e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99718
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 09:35:38 GMT

GET
DATA 200
OK truncated
/ 240 B
240 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 en-woff2.css Show response
s1.nordcdn.com/nord/misc/0.53.0/common/fonts/ 158 KB
119 KB 288ms
102ms XHR
text/css 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nord/misc/0.53.0/common/fonts/en-woff2.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Sep 2022 08:49:27 GMT
server: cloudflare
age: 2110
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400
cf-ray: 77a66e1aae153772-MEL
expires: Tue, 20 Jun 2023 09:35:38 GMT

GET
H2 200 base.css
s1.nordcdn.com/nordvpn/3.942.0/css/ 98 KB
18 KB 374ms
192ms Stylesheet
text/css 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.942.0/css/base.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1c0dca5a0594f0358c4aacbd4e5d9ece3717414892fc9bd496c95dbb6d6ea68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 14:11:45 GMT
server: cloudflare
age: 2112
etag: W/"63909f21-1899a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9a4fe91-MEL

GET
H2 200 /
cm.nordvpn.com/ 0
35 B 355ms
349ms Image
text/plain 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/?id=3c62341a-fe31-41ed-acff-94ac44fdd5e1

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a66e199cbe5a9c-MEL
content-length: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 chevrons-right.svg
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 178 B
246 B 387ms
207ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-right.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 13856
etag: W/"639b02f0-b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a49fe91-MEL

GET
H2 200 chevrons-left.svg
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 183 B
217 B 387ms
207ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-left.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 13856
etag: W/"639b02f0-b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a4bfe91-MEL

GET
H2 200 bg-christmas-campaign-chimney-lg.webp
s1.nordcdn.com/nordvpn/media/1.1758.0/images/campaigns/christmas-campaign/ 61 KB
62 KB 270ms
99ms Image
image/webp 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1758.0/images/campaigns/christmas-campaign/bg-christmas-campaign-chimney-lg.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c653e441ae1cfe405cd2c68b389bf7d6927b55409dfa1264bf56154b20f8e637

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Sat, 26 Nov 2022 13:29:17 GMT
server: cloudflare
age: 1339
etag: "638214ad-f55c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66e1aa9aafe91-MEL
content-length: 62812

GET
H2 200 checkbox-tick.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 176 B
214 B 316ms
207ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1611
etag: W/"638f59ef-b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a46fe91-MEL

GET
H2 200 success.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 209 B
228 B 336ms
227ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/success.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2112
etag: W/"638f59ef-d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a45fe91-MEL

GET
H2 200 wired-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 3 KB
1 KB 299ms
191ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/wired-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acc7761130881ec8bc4031fa28505d071d1c6c6f65fe1ea2490b4e5139db63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1340
etag: W/"638f59ef-a48"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9b3fe91-MEL

GET
H2 200 huffpost-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 2 KB
1 KB 300ms
191ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/huffpost-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87f46055339523542d49302a1f7665e2e217654516f0681f963c375249f3107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1340
etag: W/"638f59ef-77c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9adfe91-MEL

GET
H2 200 buzzfeed-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 3 KB
2 KB 301ms
192ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/buzzfeed-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc12bc907c10f796a3d4a2cfcf5715ccd6498f80322d22e94c67ed2731b9988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1340
etag: W/"638f59ef-d11"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9a7fe91-MEL

GET
H2 200 forbes-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 5 KB
2 KB 300ms
191ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/forbes-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867285c239048863ae0da1e8ad72376c7494cdad435b2ca3f37a5dd38fa4fdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1340
etag: W/"638f59ef-123b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9b4fe91-MEL

GET
H2 200 tedx-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 586 B
450 B 301ms
192ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/tedx-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac14e2aa10fadd38fa180ceac3e55e5f2c849035b1fa5c021f0b98d1c6856fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1340
etag: W/"638f59ef-24a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9a8fe91-MEL

GET
H2 200 bbc-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 1 KB
587 B 301ms
193ms Image
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/bbc-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

488f6c8d07cf99844634c770d5ceb7306403f42fad6132e34388c71b1d795cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1340
etag: W/"638f59ef-477"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1aa9b6fe91-MEL

GET
H2 200 hero-gift-moon-christmas_thumb_blur.webp
s1.nordcdn.com/nordvpn/media/1.1752.0/images/campaigns/christmas-campaign/ 858 B
958 B 183ms
182ms Image
image/webp 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1752.0/images/campaigns/christmas-campaign/hero-gift-moon-christmas_thumb_blur.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04ee7b0722e25032ba99c6394208520439cb04115a421b6294d6d27235cf92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 17:01:55 GMT
server: cloudflare
age: 1339
etag: "637baf03-35a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66e1b3a50fe91-MEL
content-length: 858

GET
H2 200 unsupported-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.816.0/js/ 1 KB
650 B 202ms
201ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.816.0/js/unsupported-fallback.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jan 2022 12:16:13 GMT
server: cloudflare
age: 2112
etag: W/"61e8010d-465"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a51fe91-MEL

GET
H2 200 lazyload.min.js Show response
s1.nordcdn.com/nordvpn/3.683.0/js/ 10 KB
5 KB 203ms
202ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.683.0/js/lazyload.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Mar 2021 14:28:00 GMT
server: cloudflare
age: 2112
etag: W/"605b4c70-29e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a53fe91-MEL

GET
H2 200 countdown.min.js Show response
s1.nordcdn.com/nordvpn/3.863.0/js/ 12 KB
4 KB 183ms
182ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.863.0/js/countdown.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62ae4c89743dc201c7f1bbf696700979e3aa721960ec38ac7bb87e9873f965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 16:14:24 GMT
server: cloudflare
age: 2112
etag: W/"62866ce0-309a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a55fe91-MEL

GET
H2 200 status-bar.min.js Show response
s1.nordcdn.com/nordvpn/3.906.1/js/ 11 KB
3 KB 202ms
202ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.906.1/js/status-bar.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87194192f69885b261d6b17e2d47ed02b53699ca07a5b2665a5a16af163a43dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 07:49:36 GMT
server: cloudflare
age: 2111
etag: W/"63048690-2af9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a59fe91-MEL

GET
H2 200 experiments-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.837.0/js/ 4 KB
2 KB 202ms
202ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.837.0/js/experiments-fallback.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 08:28:33 GMT
server: cloudflare
age: 2112
etag: W/"62383731-eb5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a5cfe91-MEL

GET
H2 200 jquery.min.js Show response
s1.nordcdn.com/jquery/1.12.4/ 95 KB
34 KB 292ms
208ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Mar 2018 12:23:25 GMT
server: cloudflare
age: 2112
etag: W/"5abb893d-17b8b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a47fe91-MEL

GET
H2 200 scripts.min.js Show response
nordvpn.com/wp-content/plugins/cookie-consent-plugin/public/1619784219/ 572 B
470 B 104ms
104ms Script
application/javascript 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/cookie-consent-plugin/public/1619784219/scripts.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da530a104b6893598eb6e371298797593b69711fee880fb839ed0a813cdfb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:21:42 GMT
server: cloudflare
age: 6536
etag: W/"608bf656-23c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-generator: front-au-web-1
cache-control: public, max-age=2678400
cf-ray: 77a66e1a2dc15a9c-MEL
expires: Mon, 16 Jan 2023 09:35:38 GMT

GET
H2 200 compiled.min.js Show response
nordvpn.com/wp-content/plugins/popups-plugin/dist/ 30 KB
10 KB 111ms
110ms Script
application/javascript 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-content/plugins/popups-plugin/dist/compiled.min.js?ver=3.7.1

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d4ebe6d5ef019f6c751f2445c28d8b0a27510ecf0d949aec8857af1fbe9cbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 06:43:17 GMT
server: cloudflare
age: 651
etag: W/"6358d705-7907"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-generator: front-au-web-1
cache-control: public, max-age=2678400
cf-ray: 77a66e1a3dc65a9c-MEL
expires: Mon, 16 Jan 2023 09:35:38 GMT

GET
H2 200 base.min.js Show response
s1.nordcdn.com/nordvpn/3.942.0/js/ 183 KB
47 KB 183ms
183ms Script
application/javascript 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43392d85def22d0195575d75fa1e538e7669c70a20736ffd49db162a36362c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 14:11:45 GMT
server: cloudflare
age: 2112
etag: W/"63909f21-2dcfa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1b3a4efe91-MEL

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b371c18f48e2a0fcde36d514967fc00f4373eb78473fea3d61da38626bbcc09e

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09781b5bb4f268166f145ba7ec217e639631ac75bc952de5e6293cf14327925c

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8ffbee1e4f7d9ae71e33629c1d60288ad2e600ddccfe28acc7c4b0a94a14dbd

Request headers

Referer
Origin: https://nordvpn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 chevrons-right.svg Show response
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 178 B
218 B 98ms
97ms Fetch
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-right.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 11624
etag: W/"639b02f0-b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1d6aa13772-MEL

GET
H2 200 chevrons-left.svg Show response
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 183 B
307 B 95ms
94ms Fetch
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-left.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 11624
etag: W/"639b02f0-b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1d6aa33772-MEL

GET
H2 200 checkbox-tick.svg Show response
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 176 B
237 B 96ms
95ms Fetch
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1612
etag: W/"638f59ef-b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1d6aa63772-MEL

GET
H2 200 success.svg Show response
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 209 B
232 B 96ms
96ms Fetch
image/svg+xml 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/success.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1214
etag: W/"638f59ef-d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66e1d6aa93772-MEL

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 169 B
369 B 223ms
222ms XHR
application/json 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?resolution=1600&currentUrl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&action=pop_get_relative_popup

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b375ccb5b3e41f34931c4a693a75793d387d279bcbad18d42cbbbb1f3066fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-au-web-2
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 77a66e1d8c2a5a9c-MEL
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 320 B
292 B 217ms
217ms XHR
application/json 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.906.1/js/status-bar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71379895e38c46bc06e25cd442bfc0ba71dbcb8c3d44daa360485517659d4495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-au-web-1
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 77a66e1d9c555a9c-MEL
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 threat-protection-screenshot-man-phone.webp
s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/ 18 KB
18 KB 105ms
104ms Image
image/webp 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/threat-protection-screenshot-man-phone.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8600c55ec86fce2330eb58c66dcc2d7c6798cc474ef964e79c027d93e3fcddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 16:39:37 GMT
server: cloudflare
age: 28712
etag: "638635c9-484a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66e1dad18fe91-MEL
content-length: 18506

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 223ms
222ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

37dda800992bb0dfc92ac6cf53e5a21c9dd0996e206e2f2e622dfb157490191d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 09:35:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 312ms
312ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a237124a295196c1d31d18c5eb00095cb1dfa53623745fbe35f4bf3078bc2935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43665
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 09:35:39 GMT

GET
H2 200 safe-connecion-laptop-man-auto-connent.webp
s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/ 18 KB
19 KB 100ms
100ms Image
image/webp 104.17.167.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/safe-connecion-laptop-man-auto-connent.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.167.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d049fbd7122bbfdd759053f1f53f28a1e6fb96f1495d643aa064f1fb8edc0268

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 16:39:37 GMT
server: cloudflare
age: 28710
etag: "638635c9-49b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66e1e9e1ffe91-MEL
content-length: 18866

POST
H2 200 collect
cm.nordvpn.com/g/ 0
41 B 372ms
371ms Ping
text/plain 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=2oebu0&_p=237588016&_gaz=1&cid=1221978014.1671183339&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&cu=USD&sid=1671183339&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&en=status_bar_loaded&_fv=1&_nsi=1&_ss=2&_ee=1&ep.page_lang=EN&ep.countdown=active&epn.countdown_remaining=34763028&ep.consent_status=ignored&ep.status=unprotected&ep.product=nordvpn

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:35:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a66e1efee55a9c-MEL
content-length: 0

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
335 B 645ms
215ms Ping
text/plain 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LEXMJ1N516&cid=1221978014.1671183339&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 671ms
231ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LEXMJ1N516&cid=1221978014.1671183339&gtm=2oebu0&aip=1&z=2033924991

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/ 2 KB
2 KB 676ms
231ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/?random=1671183339420&cv=11&fst=1671183339420&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&auid=1338258813.1671183339&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

a143f262e3bb9738a041cbe4863304f1d50efa004227b9189cca82964d83eed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 978
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 87ms
87ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 08:46:19 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2960
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 10:46:19 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 174ms
174ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=237588016&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=910811431&gjid=2101121317&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&_r=1&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&z=1393278253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
cm.nordvpn.com/j/ 35 B
238 B 385ms
384ms XHR
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/j/collect?v=1&_v=j98&a=237588016&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YKDACUABBAAAACAAMI~&jid=1639296480&gjid=1214634025&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&_r=1&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&z=749238104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77a66e21ec1a5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
86ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=414364212

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 87ms
87ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Status%20Bar%20%2F%20Unprotected&el=Loaded&ev=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=767996515

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 831ms
830ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YKDACUABBAAAACAAMI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=1162563771

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e21fc345a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
169 B 362ms
362ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Status%20Bar%20%2F%20Unprotected&el=Loaded&ev=0&_u=YKDACUABBAAAACAAMI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=1802571734

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e21fc3a5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
155 B 216ms
215ms XHR
text/plain 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42858496-1&cid=1221978014.1671183339&jid=910811431&gjid=2101121317&_gid=1389142222.1671183340&_u=YADAAUAAAAAAACAAI~&z=1001015009

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 09:35:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/950534254/ 42 B
154 B 663ms
225ms Image
image/gif 142.250.4.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950534254/?random=1671183339420&cv=11&fst=1671181200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&fmt=3&is_vtc=1&random=3756396520&rmt_tld=0&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/950534254/ 42 B
154 B 527ms
226ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/950534254/?random=1671183339420&cv=11&fst=1671181200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&fmt=3&is_vtc=1&random=3756396520&rmt_tld=1&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 596ms
224ms Image
image/gif 142.250.4.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1221978014.1671183339&jid=910811431&_u=YADAAUAAAAAAACAAI~&z=751678932

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 523ms
223ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1221978014.1671183339&jid=910811431&_u=YADAAUAAAAAAACAAI~&z=751678932

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 87ms
86ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Dec 2022 10:14:13 GMT

GET
H2

200

activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate... Show response
12123059.fls.doubleclick.net/ Frame 055C
Redirect Chain

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffili...
https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fno...

1 KB
710 B

531ms
230ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

9611c058eee5d2ffe628545098fb3853c1485597ef89213635aaeea406b11591

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:35:41 GMT
expires: Fri, 16 Dec 2022 09:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:35:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
74 B 518ms
214ms XHR
text/plain 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42858496-1&cid=1221978014.1671183339&jid=1233495980&gjid=813025709&_gid=1389142222.1671183340&_u=aKDAiUAjBAAAAGAEOI~&z=1016219786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 09:35:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 88ms
87ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Load%20time&ea=Loaded&el=%2Fen%2Fhome-lazyload-2-2%2F%20-%20fromDL&ev=2332&_u=aKDAiUAjBAAAACAEOI~&jid=1233495980&gjid=813025709&cid=1221978014.1671183339&uid=&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2wgbu0WX5CH8&cd10=&cd20=1671183340768.14dyt4za&cd21=2022-12-16T09%3A35%3A40.768%2B00%3A00&cd22=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd48=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYyMDAzMDEwN1dpbjMyODMxMjAwMTYwMA%3D%3D&cd19=1221978014.1671183339&z=944044244

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 89ms
86ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=USD&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=1996707493

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
112 B 366ms
362ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=USD&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=674122252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e28ca575a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 91ms
89ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=491289960

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 368ms
365ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=385826866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e28ca5a5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 94ms
92ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=5&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=849300055

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 376ms
373ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=5&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=1167355963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e28ca5b5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 94ms
92ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=6&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=1589716905

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 383ms
381ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=6&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=265020988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e28ca5c5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 94ms
92ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=7&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=active&cd46=Active&z=1731011823

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 371ms
369ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=1&_s=7&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=1705627439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e28ca5d5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 94ms
93ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=237588016&t=event&ni=0&_s=8&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated.10&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=1221978014.1671183339&tid=UA-42858496-1&_gid=1389142222.1671183340&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=1959664577

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:45:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 369ms
367ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=237588016&t=event&ni=0&_s=8&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated.10&ev=0&_u=aKDACUAjBAAAAGAEOI~&jid=&gjid=&cid=3c62341a-fe31-41ed-acff-94ac44fdd5e1&tid=UA-42858496-52&_gid=925606473.1671183340&_fplc=0&gtm=2oubu0&cd7=77a66e16224c5a9c-MEL&cd8=1671183338&cd40=Active&cd46=Active&z=1162925403

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66e28ca5e5a9c-MEL
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 524ms
222ms Image
image/gif 142.250.4.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1221978014.1671183339&jid=1233495980&_u=aKDAiUAjBAAAAGAEOI~&z=580213597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 225ms
225ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1221978014.1671183339&jid=1233495980&_u=aKDAiUAjBAAAAGAEOI~&z=580213597

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/26275;132023;14586/ Frame 055C 42 B
342 B 748ms
308ms Image
image/gif 23.12.23.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/spot/1/26275;132023;14586/?spotName=Retargeting_Event_Snippet&cachebuster=1369902175

Requested by

Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.12.23.226 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-12-23-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app4.syd11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 09:35:42 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app4.syd11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Fri, 16 Dec 2022 09:35:42 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 055C 4 KB
2 KB 539ms
174ms Script
application/x-javascript 13.33.90.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-90-128.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 17:23:45 GMT
Content-Encoding: gzip
Via: 1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 59252
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: An_WtNU3vwQ0JlG_n8C5UKQVS_nPmOPFtX7KB34nkNMwrKXQwUr_7A==

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 055C
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=cyfpmts&ct=0:jf8p7o8&fmt=3
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDM2ZDcyMTItMzZmNi00MjQ3LTk2OTItY2M5ZGYyZDk3NTcx&gdpr=0&gdpr_consent=&ttd_tdid=436d7212-36f6-4247-9692-cc9df...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=436d7212-36f6-4247-9692-cc9df2d97571&google_gid=CAESEBqMAFwRg46P7fupXopZc3E&google_cver=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=436d7212-36f6-4247-9692-cc9df2d97571&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=436d7212-36f6-4247-9692-cc9df2d97571&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-HyXtN1tE2uLuAKYe6k2ABOjAM0S1UQ0-~A&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=436d7212-36f6-4247-9692-cc9df2d97571&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=436d7212-36f6-4247-9692-cc9df2d97571&r=https%3A%2F%2Fmatch.adsrvr.org%2...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=436d7212-36f6-4247-9692-cc9df2d97571&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
602 B

99ms
99ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=1338258813.1671183339;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 09:35:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Date: Fri, 16 Dec 2022 09:35:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCo...
adservice.google.com/ddm/fls/z/ Frame 055C 42 B
262 B 531ms
229ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNe6qovr_fsCFTgytwAd_-EG7A;src=12123059;type=retar0;cat=purea0;ord=3750041503936;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:35:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
cm.nordvpn.com/g/ 0
145 B 408ms
407ms Ping
text/plain 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=2oebu0&_p=237588016&cid=1221978014.1671183339&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1671183339&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&dt=The%20best%20online%20VPN%20service%20for%20speed%20and%20security%20%7C%20NordVPN&_s=2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 09:35:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a66e4769645a9c-MEL
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 27D4 545 B
1 KB 102ms
101ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=cyfpmts&ref=https%3A%2F%2Fnordvpn.com%2F&upid=d0g72j6&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 34baf4d3eaf7d523d52fa5f01a13e11ea6ab901b4994474614c64e3c4ff510ca

Request headers

Referer: https://12123059.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 16 Dec 2022 09:35:46 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 27D4 487 B
986 B 171ms
170ms Script
application/x-javascript 13.33.90.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=cyfpmts&ref=https%3A%2F%2Fnordvpn.com%2F&upid=d0g72j6&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-90-128.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 19:46:20 GMT
Via: 1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 51179
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: Nc2YIUBmlXjhJA5FQlA7P-Jti0IvRuXGx2kR0Fkr9WsoxWedH0UfSw==

GET rum
dsum-sec.casalemedia.com/ Frame 042E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/adreq?cb=7756

Domain: event.clientgear.com
URL: https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=cfdb8db9-703e-4fe2-b2e5-93d25aa8037d

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/khaos.jpg?

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/13269334533242779079?

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/12444116532471404824?

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/khaos.jpg?

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=436d7212-36f6-4247-9692-cc9df2d97571&expiration=1673775346&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coolrom.com.au/	1970-01-20 08:56:15	Name: lang Value: en
.coolrom.com.au/	1970-01-20 08:17:22	Name: alert Value: 1
coolrom.com.au/	1970-01-20 08:56:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
.coolrom.com.au/	1970-01-20 17:49:03	Name: _ga Value: GA1.3.1071673608.1671183336
.coolrom.com.au/	1970-01-20 08:14:29	Name: _gid Value: GA1.3.1088864240.1671183336
.coolrom.com.au/	1970-01-20 08:13:03	Name: _gat_gtag_UA_3213938_1 Value: 1
coolrom.com.au/	1969-12-31 23:59:59	Name: aasd Value: 5%7C1671183336526
.aaxads.com/	1970-01-20 16:58:39	Name: aax-vsid Value: 3141849361535525000V10
.id5-sync.com/	1970-01-20 10:22:39	Name: id5 Value: 462671d3-62b7-73ab-9fd2-adc087a5e940#1671183337012#1
coolrom.com.au/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.yieldmo.com/	1970-01-20 16:58:39	Name: yieldmo_id Value: g74b08fe511eed7d1ff0%7C1671183337202%7C0%7C
.media.net/	1970-01-20 16:58:39	Name: visitor-id Value: 3141849371535515000V10
go.nordvpn.net/	1970-01-20 09:10:39	Name: enc_aff_session_30 Value: ENC03cc55ba7f4e698c66e55d84cfe4ef7fc1d79c638a78df55b3d21916b42c5ed497f9d37cec84b0c58825354086e6ed5343e284dd445269fbfbb2a531b9b3fcf691106b3039efa5810df8c7e182588d68a91f411e3b53e3d1c5e585c7eb6f0c4ffe4da786afb55ad807a5096bbe8331a4eee591400f391531e8a68f964b8eb910d6853c1032dca76bc7157bda485938453a485eae5b027b669cdf07ccc26df1e2471cf67e7d
go.nordvpn.net/	1970-01-20 17:49:03	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDgiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1BVSxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.adnxs.com/	1970-01-20 10:22:39	Name: uuid2 Value: 5573947107601337309
.aaxads.com/	1970-01-20 16:58:39	Name: 353AAX Value: g74b08fe511eed7d1ff0~~1
.us.ck-ie.com/	1970-01-20 08:23:08	Name: CID Value: 43f2d7d6312d98aab257e91e92ddf6c394f7c89c
.aaxads.com/	1970-01-20 16:58:39	Name: 380AAX Value: c4d75523f4043c5d429448afe2b1c942cfaa60d065820be0dcde39dcb477f77d~~1
coolrom.com.au/	1970-01-20 08:13:04	Name: _dd_s Value: rum=0&expire=1671184236726
.aaxads.com/	1970-01-20 10:21:12	Name: 023AAX Value: 5573947107601337309~~1
.criteo.com/	1970-01-20 17:34:39	Name: uid Value: 4689a0c6-9890-4e3f-a84f-3a7e5dde331a
.nordvpn.com/	1970-01-20 08:56:15	Name: aff_id Value: 29822
.nordvpn.com/	1970-01-20 08:56:15	Name: aff_transaction_id Value: 102f97a4091c0ca0f13fcfde43bdf4
.nordvpn.com/	1970-01-20 08:56:15	Name: nordvpn_aff_id Value: 29822
.nordvpn.com/	1970-01-20 08:56:15	Name: nordvpn_aff_transaction_id Value: 102f97a4091c0ca0f13fcfde43bdf4
.nordvpn.com/	1970-01-20 08:13:05	Name: __cf_bm Value: bKNSekRPK2tNlUbXC1cvPW8knGfvuDodZksKwwzS1ow-1671183337-0-AalFOjceIhiC9UKDSVAkyAaFS3847vHNfgwwoXPV5AtOJoHGkBfrfUgpIFbdopucyxwSSDTZBPSbTACPXE/6oTQ=
.adkernel.com/	1970-01-20 08:56:15	Name: ADKUID Value: A7889496589820330964
.bidswitch.net/	1970-01-20 16:58:39	Name: tuuid Value: cfdb8db9-703e-4fe2-b2e5-93d25aa8037d
.bidswitch.net/	1970-01-20 16:58:39	Name: c Value: 1671183337
.aaxads.com/	1970-01-20 16:58:39	Name: 167AAX Value: A7889496589820330964~~1
.media.net/	1970-01-20 08:56:15	Name: data-c Value: 4689a0c6-9890-4e3f-a84f-3a7e5dde331a~~1
.media.net/	1970-01-20 08:56:15	Name: data-c-ts Value: 1671183337
.coolrom.com.au/	1970-01-20 17:34:39	Name: __gads Value: ID=6f2456a7be057333:T=1671183337:S=ALNI_MYuQZyO1UzJcOrxt0KlvlMVAwkC7g
.coolrom.com.au/	1970-01-20 17:34:39	Name: __gpi Value: UID=00000b915a8b792d:T=1671183337:RT=1671183337:S=ALNI_MZ5OwYPINbig66cYniHZyWsnqQAmA
.bidswitch.net/	1970-01-20 16:58:39	Name: tuuid_lu Value: 1671183338
.nordvpn.com/	1970-01-20 16:58:39	Name: locale Value: en
.nordvpn.com/	1970-01-20 17:49:03	Name: nord_countdown Value: 1671218102339
.nordvpn.com/	1970-01-20 17:49:03	Name: nord_countdown_iteration Value: 10
.nordvpn.com/	1970-01-20 17:49:03	Name: nord_countdown_seen Value: 1
.nordvpn.com/	1970-01-20 12:35:08	Name: FirstSession Value: source%3Daff29822%26campaign%3Doff30%26medium%3Daffiliate%26term%3D%26content%3DCoolROM_Alert%26hostname%3Dnordvpn.com%26date%3D20221216%26query%3Dnull
.nordvpn.com/	1970-01-20 12:35:08	Name: CurrentSession Value: source%3Daff29822%26campaign%3Doff30%26medium%3Daffiliate%26term%3D%26content%3DCoolROM_Alert%26hostname%3Dnordvpn.com%26date%3D20221216%26query%3Dnull
.nordvpn.com/	1970-01-20 08:23:08	Name: font-css-en Value: true
.nordvpn.com/	1970-01-20 10:22:39	Name: _gcl_au Value: 1.1.1338258813.1671183339
.nordvpn.com/	1970-01-20 17:49:03	Name: _ga Value: GA1.2.1221978014.1671183339
.nordvpn.com/	1970-01-20 08:14:29	Name: _gid Value: GA1.2.1389142222.1671183340
.nordvpn.com/	1970-01-20 08:13:03	Name: _gat_gtag_UA_42858496_1 Value: 1
.nordvpn.com/	1970-01-20 17:49:03	Name: nextbid Value: GA1.2.3c62341a-fe31-41ed-acff-94ac44fdd5e1
.nordvpn.com/	1970-01-20 08:14:29	Name: nextbid_gid Value: GA1.2.925606473.1671183340
.nordvpn.com/	1970-01-20 08:13:03	Name: _gat_gtag_UA_42858496_52 Value: 1
.doubleclick.net/	1970-01-20 17:49:03	Name: IDE Value: AHWqTUlpGaGABjx_jei_j1Xf1KKgTVqwMvvZCq0hPxLlkBxq31fYlC-QF6c2RxR2
.nordvpn.com/	1970-01-20 10:22:39	Name: FPAU Value: 1.1.1338258813.1671183339
.nordvpn.com/	1970-01-20 17:49:03	Name: _ga_LEXMJ1N516 Value: GS1.1.1671183339.1.1.1671183340.59.0.0
.nordvpn.com/	1970-01-20 08:13:03	Name: _dc_gtm_UA-42858496-1 Value: 1
.adsrvr.org/	1970-01-20 16:58:39	Name: TDID Value: 436d7212-36f6-4247-9692-cc9df2d97571
.yahoo.com/	1970-01-20 16:59:00	Name: A3 Value: d=AQABBO87nGMCEBawId90vD__o1BW0joTiMMFEgEBAQGNnWOmYwAAAAAA_eMAAA&S=AQAAAlFzTCbQysnMCQiXS7vfr5w
.analytics.yahoo.com/	1970-01-20 16:58:39	Name: IDSYNC Value: 1769~28vl
.rubiconproject.com/	1970-01-20 16:58:39	Name: khaos Value: LBQBEXEJ-K-BZNB
.rubiconproject.com/	1970-01-20 16:58:39	Name: audit Value: 1\|razUqMCQx0M50TR37ev9UYr+YNp8OugmaQyCpK7JkdJNDY5C4h7Krzf6ynIWtc6SC9oS7E7n8haM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLsGZxhOFLq92TzKEt4xK9RkafY77kR2Typ9b/xUIF7Iwm/GdX8YWjpcOpWvBGztqNVbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adsrvr.org/	1970-01-20 16:58:39	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI2Ivm8t3UrzsQBRIZCgpyaWdodG1lZGlhEgsI2Ivm8t3UrzsQBRIWCgdydWJpY29uEgsI6tGy-t3UrzsQBRIXCghwdWJtYXRpYxILCPzqnYLe1K87EAUYBSADKAEyCwjk5rKY9NSvOxAFQg8iDQgBEgkKBXRpZXIyEAFaB2N5ZnBtdHNgAXIIcHVibWF0aWM.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12123059.fls.doubleclick.net
227baa4aa4670b146b4c4468967cc729.safeframe.googlesyndication.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
ajax.googleapis.com
c.aaxads.com
cm.g.doubleclick.net
cm.nordvpn.com
contextual.media.net
coolrom.com.au
dis.criteo.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
go.nordvpn.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
js.adsrvr.org
l3.aaxads.com
match.adsrvr.org
nordvpn.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
s1.nordcdn.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
spn-v1.revampcdn.com
stats.g.doubleclick.net
sync.adkernel.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us.ck-ie.com
visit.nordvpn.com
www.aaxdetect.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.servenobid.com
dsum-sec.casalemedia.com
event.clientgear.com
fonts.googleapis.com
token.rubiconproject.com
tpc.googlesyndication.com
www.googletagservices.com
103.231.98.193
103.231.98.194
104.17.167.30
104.17.49.74
104.22.55.232
104.254.151.60
104.84.162.5
104.84.173.189
13.33.90.128
13.33.90.60
142.250.4.103
142.250.4.155
142.250.4.97
142.251.10.132
142.251.10.155
142.251.12.149
142.251.12.155
15.197.193.217
151.101.1.91
162.19.138.120
172.217.194.156
172.217.194.157
172.217.194.94
172.217.194.95
172.66.43.149
182.161.73.146
216.130.169.24
216.239.34.178
23.12.23.226
23.195.152.23
23.44.27.86
23.75.85.227
35.213.12.39
52.220.48.165
52.74.13.196
69.173.158.64
74.125.24.154
74.125.24.155
8.2.108.175
99.81.126.252
09781b5bb4f268166f145ba7ec217e639631ac75bc952de5e6293cf14327925c
0ac14e2aa10fadd38fa180ceac3e55e5f2c849035b1fa5c021f0b98d1c6856fd
0acc7761130881ec8bc4031fa28505d071d1c6c6f65fe1ea2490b4e5139db63d
0e1a2e6ebcc8ac89f647d5efbad9af5fddcb222f374e13049b384f15290a6e99
1b375ccb5b3e41f34931c4a693a75793d387d279bcbad18d42cbbbb1f3066fad
2d4ebe6d5ef019f6c751f2445c28d8b0a27510ecf0d949aec8857af1fbe9cbd6
34baf4d3eaf7d523d52fa5f01a13e11ea6ab901b4994474614c64e3c4ff510ca
37dda800992bb0dfc92ac6cf53e5a21c9dd0996e206e2f2e622dfb157490191d
38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4
43392d85def22d0195575d75fa1e538e7669c70a20736ffd49db162a36362c40
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
488f6c8d07cf99844634c770d5ceb7306403f42fad6132e34388c71b1d795cc7
61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6d8116044518d0810f5ba5e77f6aa06b8805b2caf2d83bcb053455800ec7c12d
71379895e38c46bc06e25cd442bfc0ba71dbcb8c3d44daa360485517659d4495
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867285c239048863ae0da1e8ad72376c7494cdad435b2ca3f37a5dd38fa4fdaf
87194192f69885b261d6b17e2d47ed02b53699ca07a5b2665a5a16af163a43dc
8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96043f2902775b9903b1880464403573442b2abcfae52de51771388149f84147
9611c058eee5d2ffe628545098fb3853c1485597ef89213635aaeea406b11591
a143f262e3bb9738a041cbe4863304f1d50efa004227b9189cca82964d83eed4
a1c0dca5a0594f0358c4aacbd4e5d9ece3717414892fc9bd496c95dbb6d6ea68
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
a237124a295196c1d31d18c5eb00095cb1dfa53623745fbe35f4bf3078bc2935
a62ae4c89743dc201c7f1bbf696700979e3aa721960ec38ac7bb87e9873f965c
af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321
b371c18f48e2a0fcde36d514967fc00f4373eb78473fea3d61da38626bbcc09e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8ffbee1e4f7d9ae71e33629c1d60288ad2e600ddccfe28acc7c4b0a94a14dbd
ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360
c653e441ae1cfe405cd2c68b389bf7d6927b55409dfa1264bf56154b20f8e637
d049fbd7122bbfdd759053f1f53f28a1e6fb96f1495d643aa064f1fb8edc0268
d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313
d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6
d8600c55ec86fce2330eb58c66dcc2d7c6798cc474ef964e79c027d93e3fcddc
da530a104b6893598eb6e371298797593b69711fee880fb839ed0a813cdfb526
dbb7d3cfa34ad462fa1f62e7b1c5717106b0e0ddc8205a836b935137597b1863
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9cfa9d38927268f81f16bd8ef3595707f5c6da9230e12ca5d91872d10c752f
edc12bc907c10f796a3d4a2cfcf5715ccd6498f80322d22e94c67ed2731b9988
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04ee7b0722e25032ba99c6394208520439cb04115a421b6294d6d27235cf92c
f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653
f55f07029a3fb464d3ef67a0e9cbfa5bba081d4e79506e2cd620e71fbc69faa6
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f87f46055339523542d49302a1f7665e2e217654516f0681f963c375249f3107
f9c88d196e9ff61e257364d7fe0bcb83f22efe74b2259758d333d22358cb2264
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff5c0f311fbb2d268ea31dd76ca96f877d52a2376c6232030d28b7118ed8427d

nordvpn.com Open in urlscan Pro 104.17.49.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

87 %HTTPS

0 %IPv6

32 Domains

51 Subdomains

30 IPs

8 Countries

1525 kBTransfer

4116 kBSize

59 Cookies

28 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordvpn.com Open in urlscan Pro
104.17.49.74 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

87 %
HTTPS

0 %
IPv6

32
Domains

51
Subdomains

30
IPs

8
Countries

1525 kB
Transfer

4116 kB
Size

59
Cookies

140 HTTP transactions
5 data transactions