nordvpn.com Open in urlscan Pro
104.17.49.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coolrom.com/
Effective URL:
https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
Submission: On December 16 via manual (December 16th 2022, 9:33:05 am UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 101 HTTP transactions. The main IP is 104.17.49.74, located in and belongs to CLOUDFLARENET, US. The main domain is nordvpn.com. The Cisco Umbrella rank of the primary domain is 18021.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2022. Valid for: a year.

This is the only time nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:5779	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:8f4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2606:4700:310... 2606:4700:3108::ac42:286b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
1 1	52.16.200.194 52.16.200.194	16509 (AMAZON-02) (AMAZON-02)
2 15	104.17.49.74 104.17.49.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.248.223 18.66.248.223	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:4e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	184.51.84.249 184.51.84.249	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.51.85.237 184.51.85.237	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
28	2606:4700::68... 2606:4700::6811:a71e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	104.109.57.2 104.109.57.2	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
101	23

1 2606:4700:3034::6815:5779 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coolrom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8f4a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coolrom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3108::ac42:286b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coolrom.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.91 (United States)

ASN54113 (FASTLY, US)

spn-v1.revampcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.200.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-200-194.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.17.49.74 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-223.dus51.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:4e7 (United States)

ASN13335 (CLOUDFLARENET, US)

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.84.249 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-84-249.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.85.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-85-237.deploy.static.akamaitechnologies.com

l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6811:a71e (United States)

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

12123059.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.57.2 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-57-2.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 205496	344 KB
15	nordvpn.com 2 redirects visit.nordvpn.com — Cisco Umbrella Rank: 656820 nordvpn.com — Cisco Umbrella Rank: 18021 cm.nordvpn.com — Cisco Umbrella Rank: 334168	55 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	41 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 12123059.fls.doubleclick.net — Cisco Umbrella Rank: 478721	160 KB
9	coolrom.com.au 1 redirects coolrom.com.au — Cisco Umbrella Rank: 206882	69 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	294 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6041	737 B
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
4	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 2941 l3.aaxads.com — Cisco Umbrella Rank: 4424	146 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1410 insight.adsrvr.org — Cisco Umbrella Rank: 596	3 KB
3	revampcdn.com spn-v1.revampcdn.com — Cisco Umbrella Rank: 93072	116 KB
2	coolrom.com 2 redirects coolrom.com — Cisco Umbrella Rank: 647132	1 KB
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 801	342 B
1	media.net c21lg-d.media.net — Cisco Umbrella Rank: 1799	296 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 6135	324 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1822	40 KB
1	nordvpn.net 1 redirects go.nordvpn.net — Cisco Umbrella Rank: 311304	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304	31 KB
101	18

	Domain	Requested by
28	s1.nordcdn.com	nordvpn.com s1.nordcdn.com
14	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com www.google-analytics.com nordvpn.com
11	cm.nordvpn.com	nordvpn.com www.google-analytics.com www.googletagmanager.com
9	coolrom.com.au	1 redirects coolrom.com.au
5	www.googletagmanager.com	coolrom.com.au nordvpn.com www.googletagmanager.com
4	www.google.de	nordvpn.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google.com	nordvpn.com
3	c.aaxads.com	spn-v1.revampcdn.com c.aaxads.com
3	nordvpn.com	1 redirects coolrom.com.au s1.nordcdn.com
3	spn-v1.revampcdn.com	coolrom.com.au spn-v1.revampcdn.com
3	securepubads.g.doubleclick.net	coolrom.com.au securepubads.g.doubleclick.net
2	insight.adsrvr.org	12123059.fls.doubleclick.net js.adsrvr.org
2	12123059.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	coolrom.com	2 redirects
1	adservice.google.com	12123059.fls.doubleclick.net
1	js.adsrvr.org	12123059.fls.doubleclick.net
1	servedby.flashtalking.com	12123059.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	c21lg-d.media.net	c.aaxads.com
1	l3.aaxads.com
1	www.aaxdetect.com
1	www.datadoghq-browser-agent.com	spn-v1.revampcdn.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
1	ajax.googleapis.com	coolrom.com.au
101	26

This site contains links to these domains. Also see Links.

Domain
account.nordvpn.com
nordlayer.com
support.nordvpn.com
nordpass.com
nordlocker.com
www.youtube.com
twitter.com
go.onelink.me
nordsecurity.com
nordvpn.org
www.facebook.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.revampcdn.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
aaxads.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-12`	a year	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.nordcdn.com AlphaSSL CA - SHA256 - G2	`2022-02-21` - `2023-03-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
Frame ID: F8121904C8AF2ED12B2EE6A424A628F8
Requests: 98 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=371%2C231%2C353%2C380%2C265%2C203%2C292%2C361%2C167%2C368%2C3004%2C369%2C229%2C213%2C264%2C267%2C23%2C89%2C29%2C282%2C251%2C310%2C195%2C159%2C241%2C272%2C97%2C263%2C249%2C348%2C206%2C291%2C271%2C250%2C356%2C219%2C367%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 10B9AD0D04CC5EE76D27BAF27E746E8C
Requests: 2 HTTP requests in this frame

Frame: https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822
Frame ID: E3A16C128A4F147A1C208FEAEED32CBE
Requests: 5 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=cyfpmts&ref=https%3A%2F%2Fnordvpn.com%2F&upid=d0g72j6&upv=1.1.0
Frame ID: 365D2634E3DE59EDC683914A3289334F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Einer der besten VPN-Anbieter online | NordVPNNordVPN logo-68%-68%

Page URL History Show full URLs

http://coolrom.com/ HTTP 301
https://coolrom.com/ HTTP 301
https://coolrom.com.au/ Page URL
https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert HTTP 302
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert HTTP 302
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102a284909017df49f82436be11fdd&... HTTP 302
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&... HTTP 302
https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

101
Requests

98 %
HTTPS

56 %
IPv6

18
Domains

26
Subdomains

23
IPs

5
Countries

1419 kB
Transfer

3756 kB
Size

35
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://account.nordvpn.com/legal/privacy-policy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://nordlayer.com/business-vpn/
Title: Business-VPN

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/de/
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/oauth2/login
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://nordpass.com/
Title: Passwort-Manager

Search URL Search Domain Scan URL

URL: https://nordpass.com/business-password-manager/
Title: BusinessPasswort-Manager für Unternehmen

Search URL Search Domain Scan URL

URL: https://nordlocker.com/
Title: Verschlüsselter Cloud-Speicher für Dateien

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=fEoJW3odeQM
Title: Auf YouTube ansehen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5U_6Pu_M0eY&t=55s&ab_channel=Varion
Title: Auf YouTube ansehen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=TCAkKHzraTA&t=132s
Title: Auf YouTube ansehen

Search URL Search Domain Scan URL

URL: https://twitter.com/fsoonekindt/status/1478414021065859075
Title: Fabrice Soonekindt@fsoonekindtI never could've securely searched nor browsed the internet as an internaut nowadays on any of my devices the way it was meant to be: Browsing freely/ without data collection- and tracking from the start, without the help of my favourite virtual network @NordVPN Grateful for it!7:12 PM – 4 Jan 2022

Search URL Search Domain Scan URL

URL: https://twitter.com/CmDHoVeR/status/1485615200459968518
Title: Harsh@CmDHoVeR@NordVPN clearly has the BEST customer service Worldwide. You get conected to a support assistant faster than electricity. The team members are so qualified that a solution to the problem is reached even before it gets to your brains.4:07 PM – 24 Jan 2022

Search URL Search Domain Scan URL

URL: https://twitter.com/kanthalaraghu/status/1490442154334130177
Title: Kanthala Raghu@kanthalaraghuI recently started using Nord VPN was so impressed that i even bought 2 years subscription for it. Loving the service, thanks @NordVPN for helping keep internet safe and protecting privacy.11:47 PM – 6 Feb 2022

Search URL Search Domain Scan URL

URL: https://go.onelink.me/42qk/9g9tok8i

Search URL Search Domain Scan URL

URL: https://go.onelink.me/42qk/jobanbwl

Search URL Search Domain Scan URL

URL: https://nordsecurity.com/careers
Title: Stellen

Search URL Search Domain Scan URL

URL: https://nordvpn.org/
Title: Soziale Verantwortung

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/de/Haeufig-gestellte-Fragen/Installationsanleitung/
Title: Anleitungen

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/de/Haeufig-gestellte-Fragen/
Title: Du hast Fragen? Wir haben Antworten

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/de/legal/privacy-policy/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/de/legal/terms-of-service/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nordvpn/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NordVPN/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nord-vpn/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCK-fTklZOWGfC77UyTw4-Ww
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nordvpn/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://nordsecurity.com/
Title: Nord Security

Search URL Search Domain Scan URL

URL: https://nordlayer.com/
Title: NordLayer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coolrom.com/ HTTP 301
https://coolrom.com/ HTTP 301
https://coolrom.com.au/ Page URL
https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert HTTP 302
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert HTTP 302
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102a284909017df49f82436be11fdd&source=&aff_sub=CoolROM_Alert&url={url} HTTP 302
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822 HTTP 302
https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://coolrom.com/ HTTP 301
https://coolrom.com/ HTTP 301
https://coolrom.com.au/

Request Chain 82

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822 HTTP 302
https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822

101 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
coolrom.com.au/
Redirect Chain

http://coolrom.com/
https://coolrom.com/
https://coolrom.com.au/

34 KB
11 KB

295ms
233ms

Document
text/html

2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45
Resource Hash: 1d2c812bfaf38addc5e67ccec39a25b4c91218d5c9a46b96d19b25ac381d9250

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, UPDATE, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a66a2bcec59a21-FRA
content-encoding: br
content-type: text/html
date: Fri, 16 Dec 2022 09:32:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI0ekFBSlMpre5SJB2qp2sBP8oBQtYb6qvA6iQGlMecwe6qsKXENnUhtRe3JK2qVbnvz4MngvCY2qW1cIKb72Btl6MqLb8teldtTrZN3dKSDTjfZgcDIWJ51wTHRZaBspXiufnWB7%2FVsHrLy0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, UPDATE, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a66a297e9b90c6-FRA
content-type: text/html
date: Fri, 16 Dec 2022 09:32:57 GMT
location: https://coolrom.com.au/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Idike4Jh%2FEFbj2a5L3%2BEJ4ilrTgN354mASqXIyq22OtCJCznEQrhVoIeMGmtgSkFDO%2BDg5SlEBJJYmA338DiAPMXKKTVcD28uhI59sfRpZCVV8EL9IcSB62aGzzKi6tlVs9gSxZiNsRg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45

GET
H2 200 style.css
coolrom.com.au/css/ 5 KB
2 KB 64ms
61ms Stylesheet
text/css 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/css/style.css
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c88d196e9ff61e257364d7fe0bcb83f22efe74b2259758d333d22358cb2264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Jul 2022 01:16:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 84785
etag: W/"62dc9d50-140a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wgq6d4XKglBVPNaJTFBWQf%2BVMDIkUW9XHw4ToXYn2HJtLJRq7a9YwgL1pNTR5usXhDff90K%2Fg9wtAbkRMSgIvrV%2Fei7fjSMFS%2B%2Fpyl3bPxKHDnai4yeS7YDfo%2FXqHtMw9aQKTivTRu2L62UWZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66a2d4a339a21-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 17 Dec 2022 01:32:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 12:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 12:43:36 GMT

GET jquery-scrolltofixed-min.js
coolrom.com.au/js/ 0
0

GET
H2 200 dropmenu.min.js Show response
coolrom.com.au/js/ 5 KB
2 KB 60ms
59ms Script
application/javascript 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/dropmenu.min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96043f2902775b9903b1880464403573442b2abcfae52de51771388149f84147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 27 Jan 2019 19:51:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 163831
etag: W/"5c4e0ba7-15b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkFN3vU8NQ8lvFuc4l4N2wHr%2F2Z%2BSa%2FywbYEPZ2af1bPzYVTI3vKctNWBlK6n0HaJirB2AX5qLD7tBBaEG0UBnMl%2FloGaK6mNXAY%2BKlDA5UWAP1Nex5bid%2BnEKK8TpgXkr%2By6aT1v%2F0%2B%2FthYHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66a2d4a3b9a21-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 17:22:29 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 109 KB
43 KB 83ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3213938-1

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43596
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 09:32:57 GMT

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 194ms
102ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1422 / 524 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Dec 2022 09:32:58 GMT

GET
H2 200 prebid-client.js
spn-v1.revampcdn.com/prebid/coolrom/ 230 KB
67 KB 85ms
27ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/prebid/coolrom/prebid-client.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.928.0
date: Fri, 16 Dec 2022 09:32:57 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 148873
x-cache: HIT, HIT
x-envoy-upstream-service-time: 31
x-region: NW
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 68261
x-request-id: ad757a53-580a-4717-a757-743b95f01d37
x-served-by: cache-ams12767-AMS, cache-hhn-etou8220073-HHN
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671183178.963142,VS0,VE5
etag: W/"a73e66c998711b7728ebe4b09241e40c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 569, 1

GET
H2 200 coolrom.js
spn-v1.revampcdn.com/publishers/ 213 KB
49 KB 79ms
21ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://coolrom.com.au/
Origin: https://coolrom.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.930.0
date: Fri, 16 Dec 2022 09:32:57 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 90534
x-cache: HIT, HIT
x-envoy-upstream-service-time: 805
x-region: NW
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49533
x-request-id: 9cb1b6e5-722d-4a8d-95ab-b530dbf42ac7
x-served-by: cache-ams21023-AMS, cache-hhn-etou8220038-HHN
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671183178.963257,VS0,VE1
etag: W/"6915958921702022db761f2cd2ada8b4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 8, 1

GET
H3 200 logo_christmas.gif
coolrom.com.au/images/ 8 KB
8 KB 75ms
74ms Image
image/gif 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/images/logo_christmas.gif
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8087
last-modified: Wed, 22 Nov 2006 08:07:59 GMT
server: cloudflare
etag: "4564055f-1f97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rId44%2BWvCguQnU%2FKRupzi5pcr4Pmb8osgzqtyFjmqt3767Fc3QWWrMxEQs7wBCJuW11EdNS%2BpCjPr%2BIsFRQai3e6fihWebnSqG1lVvwLCdRgz%2Ff%2B%2B2hfZsI55MjhjG3labAEzUEvAH%2B0%2FDwpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66a2dec96bbcd-FRA
expires: Sat, 17 Dec 2022 06:02:14 GMT

GET
H3 200 Tekken%203.jpg
coolrom.com.au/screenshots/psx/ 13 KB
14 KB 76ms
74ms Image
image/jpeg 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Tekken%203.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13425
last-modified: Wed, 30 Jan 2019 19:45:01 GMT
server: cloudflare
etag: "5c51febd-3471"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmeLk%2F7rBmpMX%2B4i%2Bx303PEbJOotnenLzA1lbwo%2BrLN9C1Xr74TwjtnhYZgtDSa0W4OSEm7Y9C%2BGBmwz9Kj4fNvZJc1wqyxfCBREf0jJ855usm44cnmHTtMGNwc7yjKRbggrvMtZDyHuJXkiOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66a2dec9cbbcd-FRA
expires: Wed, 14 Dec 2022 17:38:28 GMT

GET
H3 200 Crash%20Bandicoot.jpg
coolrom.com.au/screenshots/psx/ 16 KB
17 KB 54ms
53ms Image
image/jpeg 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Crash%20Bandicoot.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18185
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16609
last-modified: Wed, 30 Jan 2019 19:45:00 GMT
server: cloudflare
etag: "5c51febc-40e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUibCqnawsAhofnrH%2FVkQqrQkLwYiW4ZMW%2BQFqyoxPplsgbXwUk6kVaxlw3UrnV2Jog5gX7YuEMqMdLZJ62EVZXqBif0cB7NnGKSQT1V6HWtVV42omasF1VHJ1p%2FeQwlrIBM7d2P5U0%2FnfLlRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66a2deca0bbcd-FRA
expires: Fri, 16 Dec 2022 17:43:24 GMT

GET
H3 200 Jackie%20Chan%20Stuntmaster.jpg
coolrom.com.au/screenshots/psx/ 12 KB
13 KB 97ms
96ms Image
image/jpeg 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolrom.com.au/screenshots/psx/Jackie%20Chan%20Stuntmaster.jpg
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
last-modified: Wed, 30 Jan 2019 19:44:57 GMT
server: cloudflare
etag: "5c51feb9-3068"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugkCem88id0ViZQukRuzRC6jqORTIZ%2Fw5LOfLJAKm20vzQr29xCyiJXjhpDumICGi5XU4Ip9eQfeTL4DfcaYh%2FogNyZEHLAjYW9hBZ1MhvTAAF0UAQD02wHiiSmpP9%2BPkfQe3hM6OS8%2FFOJ2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=172800, no-transform
accept-ranges: bytes
cf-ray: 77a66a2deca7bbcd-FRA
expires: Fri, 16 Dec 2022 15:24:56 GMT

GET
H3 200 yall.min.js
coolrom.com.au/js/ 3 KB
2 KB 73ms
73ms Script
application/javascript 2606:4700:3108::ac42:286b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolrom.com.au/js/yall.min.js
Requested by: Host: coolrom.com.au
URL: https://coolrom.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Jan 2019 00:35:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18978
etag: W/"5c2ffbc4-cea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2XFsVQ63%2F1KmqWN2oJYfWZ1cW8rTIt8hJxjsYja3QOMV5pk479ie%2BTO7Oqc%2Fugc%2FZoz6D9j4cnVJ53J6Ln4dnsnyMXBLN6MaYkKx%2BbwfwzJZ%2F0ma5HPcRTRraIAsxFpiE%2BWIaW8qtuUnNM%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=172800, no-transform
cf-ray: 77a66a2dac0dbbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Dec 2022 16:59:22 GMT

GET
H2

200

Primary Request / Show response
nordvpn.com/de/
Redirect Chain

https://coolrom.com.au/offers/nordvpn.php?sid=CoolROM_Alert
https://go.nordvpn.net/aff_c?offer_id=30&aff_id=29822&aff_sub=CoolROM_Alert
https://visit.nordvpn.com/?offer_id=30&aff_id=29822&aff_transaction_id=102a284909017df49f82436be11fdd&source=&aff_sub=CoolROM_Alert&url={url}
https://nordvpn.com/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

300 KB
53 KB

597ms
596ms

Document
text/html

104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Requested by

Host: coolrom.com.au
URL: https://coolrom.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99cd4eb12bffb7511bb4d4af96e8955799bfe88e04a86c4f05774d4cf7876f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=1800
cf-cache-status: MISS
cf-ray: 77a66a338d518fd1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 09:32:59 GMT
expires: Fri, 16 Dec 2022 10:02:59 GMT
last-modified: Fri, 16 Dec 2022 09:32:59 GMT
link: <https://nordvpn.com/>; rel=shortlink
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: EXPIRED
x-frame-options: SAMEORIGIN
x-generator: front-eu-web-6

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-ray: 77a66a332cd28fd1-FRA
content-length: 0
date: Fri, 16 Dec 2022 09:32:58 GMT
expires: 0
location: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 127 KB
40 KB 103ms
27ms Script
application/javascript 18.66.248.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-223.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:19 GMT
content-encoding: br
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 09:55:03 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 40
etag: W/"ffc4627ad2b2865dc2d4d24f7ebad9f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: LKYoQgGr-z3mNmos7CXUg-gyaxUgynysGLj9BStXxbevEr40ggyo-w==

HEAD
H3 200 coolrom.js
spn-v1.revampcdn.com/publishers/ 0
0 44ms
20ms Fetch
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1.930.0
date: Fri, 16 Dec 2022 09:32:58 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 90534
x-cache: HIT, HIT
x-envoy-upstream-service-time: 805
x-region: NW
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49533
x-request-id: 9cb1b6e5-722d-4a8d-95ab-b530dbf42ac7
x-served-by: cache-ams21023-AMS, cache-hhn-etou8220049-HHN
server: istio-envoy
x-publisher-id: coolrom
x-timer: S1671183178.043227,VS0,VE0
etag: W/"6915958921702022db761f2cd2ada8b4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 8, 4

GET
H2 200 aax.js
c.aaxads.com/ 484 KB
136 KB 102ms
43ms Script
text/javascript 2606:4700:10::ac43:4e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=coolrom.com.au&ver=1.2

Requested by

Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/coolrom.js?modern=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:4e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:58 GMT
strict-transport-security: max-age=604800
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 09:22:19 GMT
server: cloudflare
age: 639
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 77a66a2f1aa8bb62-FRA
expires: Fri, 16 Dec 2022 09:52:19 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3213938-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 09:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1032
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 11:15:46 GMT

GET
H3 200 pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 103ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 11:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 11:47:32 GMT

GET
H3 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 386 B
179 B 138ms
67ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=coolrom.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154
x-xss-protection: 0
expires: Fri, 16 Dec 2022 09:32:58 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 1 B
21 B 72ms
28ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1361593020&t=pageview&_s=1&dl=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=CoolROM.com%20-%20Play%20Retro%20Games%20on%20Your%20Computer%20or%20Mobile%20Device&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=744475930&gjid=1388960607&cid=1935849692.1671183178&tid=UA-3213938-1&_gid=2086067199.1671183178&_r=1&gtm=2oubu0&z=338877126

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coolrom.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coolrom.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aacxs.php
c.aaxads.com/ Frame 10B9 23 KB
9 KB 342ms
342ms Document
text/html 2606:4700:10::ac43:4e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=371%2C231%2C353%2C380%2C265%2C203%2C292%2C361%2C167%2C368%2C3004%2C369%2C229%2C213%2C264%2C267%2C23%2C89%2C29%2C282%2C251%2C310%2C195%2C159%2C241%2C272%2C97%2C263%2C249%2C348%2C206%2C291%2C271%2C250%2C356%2C219%2C367%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=coolrom.com.au&ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:4e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://coolrom.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 77a66a2fec63bb62-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 09:32:58 GMT
expires: Sun, 18 Dec 2022 09:32:58 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: cloudflare
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
181 B 39ms
39ms Image
image/gif 2606:4700:10::ac43:4e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:4e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:58 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: cloudflare
age: 235598
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=374917
accept-ranges: bytes
cf-ray: 77a66a2fec64bb62-FRA
content-length: 43
expires: Sun, 18 Dec 2022 00:14:57 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
324 B 99ms
20ms Image
image/gif 184.51.84.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.84.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-84-249.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 09:32:58 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1071285
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 28 Dec 2022 19:07:43 GMT

GET
H/1.1 200
OK log
l3.aaxads.com/ 35 B
296 B 379ms
21ms Image
image/gif 184.51.85.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=139&dgw=desktop&flg=AAXXX4L07&fw=BERLIN&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=coolrom.com.au&vhuyqdph=ssp-serving-54794f6b58-g825x&vyu=121511_501_121410_471_ssp&vf=BE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001671183178205025524194986762&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=138&fhqg=20&hqg=35&gvwduw=21&fvwduw=20&vwduw=20&uhtxuo=https%3A%2F%2Fcoolrom.com.au%2F&nzui=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.85.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-85-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolrom.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 09:32:58 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 16 Dec 2022 09:32:58 GMT

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 10B9 35 B
296 B 240ms
170ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3141847785555544000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=371%2C231%2C353%2C380%2C265%2C203%2C292%2C361%2C167%2C368%2C3004%2C369%2C229%2C213%2C264%2C267%2C23%2C89%2C29%2C282%2C251%2C310%2C195%2C159%2C241%2C272%2C97%2C263%2C249%2C348%2C206%2C291%2C271%2C250%2C356%2C219%2C367%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 09:32:58 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 16 Dec 2022 09:32:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
69 KB 77ms
32ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c62507275d507ed10e41c289aa857c351d99215b23a8f2921d4bbb964cc9d656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 09:32:59 GMT

GET
H2 200 ga-set-dimensions.min.js Show response
s1.nordcdn.com/nordvpn/3.887.6/js/ 4 KB
2 KB 153ms
87ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.887.6/js/ga-set-dimensions.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:51:46 GMT
server: cloudflare
age: 2081
etag: W/"62cc2af2-fa1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37d9dc900c-FRA

GET
H2 200 base.css
s1.nordcdn.com/nordvpn/3.942.0/css/ 98 KB
18 KB 111ms
45ms Stylesheet
text/css 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.942.0/css/base.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1c0dca5a0594f0358c4aacbd4e5d9ece3717414892fc9bd496c95dbb6d6ea68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 14:11:45 GMT
server: cloudflare
age: 2081
etag: W/"63909f21-1899a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b985900c-FRA

GET
H2 200 /
cm.nordvpn.com/ 0
33 B 168ms
160ms Image
text/plain 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/?id=ecc06ff6-58d2-4804-aac1-18233eecfdb2

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a66a377abc8fd1-FRA
content-length: 0

GET
H2 200 chevrons-right.svg
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 178 B
223 B 145ms
91ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-right.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 26496
etag: W/"639b02f0-b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37d9de900c-FRA

GET
H2 200 chevrons-left.svg
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 183 B
245 B 127ms
73ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-left.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 26491
etag: W/"639b02f0-b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37d9df900c-FRA

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
97 KB 72ms
40ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4144e519b9d4cf123fe54478ee3e26b5eb4c47bc86f56d80a0d5a97172253bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99715
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 09:32:59 GMT

GET
DATA 200
OK truncated
/ 240 B
240 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

Referer
Origin: https://nordvpn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 en-woff2.css Show response
s1.nordcdn.com/nord/misc/0.53.0/common/fonts/ 158 KB
119 KB 91ms
34ms XHR
text/css 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nord/misc/0.53.0/common/fonts/en-woff2.css

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Sep 2022 08:49:27 GMT
server: cloudflare
age: 2051
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400
cf-ray: 77a66a37b9a09b5d-FRA
expires: Tue, 20 Jun 2023 09:32:59 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 success.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 209 B
232 B 111ms
72ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/success.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2012
etag: W/"638f59ef-d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b988900c-FRA

GET
H2 200 bg-christmas-campaign-chimney-lg.webp
s1.nordcdn.com/nordvpn/media/1.1758.0/images/campaigns/christmas-campaign/ 61 KB
62 KB 78ms
51ms Image
image/webp 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1758.0/images/campaigns/christmas-campaign/bg-christmas-campaign-chimney-lg.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c653e441ae1cfe405cd2c68b389bf7d6927b55409dfa1264bf56154b20f8e637

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Sat, 26 Nov 2022 13:29:17 GMT
server: cloudflare
age: 1872
etag: "638214ad-f55c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66a37b98d900c-FRA
content-length: 62812

GET
H2 200 hero-gift-moon-christmas_thumb_blur.webp
s1.nordcdn.com/nordvpn/media/1.1752.0/images/campaigns/christmas-campaign/ 858 B
958 B 50ms
49ms Image
image/webp 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1752.0/images/campaigns/christmas-campaign/hero-gift-moon-christmas_thumb_blur.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04ee7b0722e25032ba99c6394208520439cb04115a421b6294d6d27235cf92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 17:01:55 GMT
server: cloudflare
age: 2012
etag: "637baf03-35a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66a37fa0d900c-FRA
content-length: 858

GET
H2 200 checkbox-tick.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 176 B
210 B 84ms
73ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37d9db900c-FRA

GET
H2 200 wired-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 3 KB
1 KB 84ms
73ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/wired-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acc7761130881ec8bc4031fa28505d071d1c6c6f65fe1ea2490b4e5139db63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-a48"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37d9d2900c-FRA

GET
H2 200 huffpost-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 2 KB
1 KB 99ms
87ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/huffpost-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87f46055339523542d49302a1f7665e2e217654516f0681f963c375249f3107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-77c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b993900c-FRA

GET
H2 200 buzzfeed-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 3 KB
2 KB 83ms
71ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/buzzfeed-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc12bc907c10f796a3d4a2cfcf5715ccd6498f80322d22e94c67ed2731b9988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-d11"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b98f900c-FRA

GET
H2 200 forbes-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 5 KB
2 KB 83ms
72ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/forbes-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867285c239048863ae0da1e8ad72376c7494cdad435b2ca3f37a5dd38fa4fdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-123b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b994900c-FRA

GET
H2 200 tedx-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 586 B
450 B 84ms
72ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/tedx-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac14e2aa10fadd38fa180ceac3e55e5f2c849035b1fa5c021f0b98d1c6856fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-24a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37d9cf900c-FRA

GET
H2 200 bbc-white.svg
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/ 1 KB
779 B 48ms
36ms Image
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/logos/horizontal/bbc-white.svg

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

488f6c8d07cf99844634c770d5ceb7306403f42fad6132e34388c71b1d795cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 2009
etag: W/"638f59ef-477"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b991900c-FRA

GET
H2 200 unsupported-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.816.0/js/ 1 KB
650 B 50ms
49ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.816.0/js/unsupported-fallback.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jan 2022 12:16:13 GMT
server: cloudflare
age: 2081
etag: W/"61e8010d-465"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37fa0f900c-FRA

GET
H2 200 lazyload.min.js Show response
s1.nordcdn.com/nordvpn/3.683.0/js/ 10 KB
5 KB 60ms
59ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.683.0/js/lazyload.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Mar 2021 14:28:00 GMT
server: cloudflare
age: 2081
etag: W/"605b4c70-29e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37fa13900c-FRA

GET
H2 200 countdown.min.js Show response
s1.nordcdn.com/nordvpn/3.863.0/js/ 12 KB
4 KB 69ms
68ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.863.0/js/countdown.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62ae4c89743dc201c7f1bbf696700979e3aa721960ec38ac7bb87e9873f965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 16:14:24 GMT
server: cloudflare
age: 2094
etag: W/"62866ce0-309a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37fa1c900c-FRA

GET
H2 200 status-bar.min.js Show response
s1.nordcdn.com/nordvpn/3.906.1/js/ 11 KB
3 KB 50ms
50ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.906.1/js/status-bar.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87194192f69885b261d6b17e2d47ed02b53699ca07a5b2665a5a16af163a43dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 07:49:36 GMT
server: cloudflare
age: 2094
etag: W/"63048690-2af9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37fa21900c-FRA

GET
H2 200 experiments-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.837.0/js/ 4 KB
2 KB 53ms
53ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.837.0/js/experiments-fallback.min.js

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 08:28:33 GMT
server: cloudflare
age: 2081
etag: W/"62383731-eb5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37fa22900c-FRA

GET
H2 200 jquery.min.js Show response
s1.nordcdn.com/jquery/1.12.4/ 95 KB
34 KB 92ms
71ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Mar 2018 12:23:25 GMT
server: cloudflare
age: 2094
etag: W/"5abb893d-17b8b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37b98c900c-FRA

GET
H2 200 base.min.js Show response
s1.nordcdn.com/nordvpn/3.942.0/js/ 183 KB
47 KB 51ms
49ms Script
application/javascript 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43392d85def22d0195575d75fa1e538e7669c70a20736ffd49db162a36362c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 14:11:45 GMT
server: cloudflare
age: 2081
etag: W/"63909f21-2dcfa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a37fa0a900c-FRA

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b371c18f48e2a0fcde36d514967fc00f4373eb78473fea3d61da38626bbcc09e

Request headers

Referer
Origin: https://nordvpn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09781b5bb4f268166f145ba7ec217e639631ac75bc952de5e6293cf14327925c

Request headers

Referer
Origin: https://nordvpn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8ffbee1e4f7d9ae71e33629c1d60288ad2e600ddccfe28acc7c4b0a94a14dbd

Request headers

Referer
Origin: https://nordvpn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

480ef0e2aa71b1ce3787ffe6b798e7d39d24b84c5eb098b7643b0eaefc045465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 09:32:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

493647a1e3d00d8314d6d65d476354b74c6e8148a4d3a8346090c3a273a3be8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43638
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 09:32:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/ 2 KB
2 KB 92ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/?random=1671183179710&cv=11&fst=1671183179710&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&auid=1337364386.1671183180&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd9b83d969598ffb39bd1aeb648f6c3cc0cc8d3eb52bdc81595eabed74060d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chevrons-right.svg Show response
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 178 B
218 B 63ms
62ms Fetch
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-right.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 10206
etag: W/"639b02f0-b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a399d5c9b5d-FRA

GET
H2 200 chevrons-left.svg Show response
s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/ 183 B
245 B 51ms
50ms Fetch
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1779.0/images/global/icons/16/chevrons-left.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 11:20:16 GMT
server: cloudflare
age: 10206
etag: W/"639b02f0-b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a399d609b5d-FRA

GET
H2 200 checkbox-tick.svg Show response
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 176 B
276 B 42ms
41ms Fetch
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/checkbox-tick.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1396
etag: W/"638f59ef-b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a399d629b5d-FRA

GET
H2 200 success.svg Show response
s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/ 209 B
232 B 43ms
42ms Fetch
image/svg+xml 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1770.0/images/global/icons/16/success.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.942.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 15:04:15 GMT
server: cloudflare
age: 1912
etag: W/"638f59ef-d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 77a66a399d639b5d-FRA

GET
H2 200 admin-ajax.php Show response
nordvpn.com/wp-admin/ 343 B
439 B 136ms
136ms XHR
application/json 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.906.1/js/status-bar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06de8124acb7323a1f7ee86026de19da5fa8bf87196968f7bdc4f11ac85353ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=UTF-8
x-generator: front-eu-web-4
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 77a66a39bddf8fd1-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 09:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1033
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 11:15:46 GMT

GET
H2 200 threat-protection-screenshot-man-phone-de.webp
s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/ 18 KB
18 KB 47ms
44ms Image
image/webp 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/threat-protection-screenshot-man-phone-de.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d77e6487d0d5631b727be84c5ddeb3524824a0972de4d1eefa2b733896ea20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 16:39:37 GMT
server: cloudflare
age: 1336
etag: "638635c9-4936"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66a39dd91900c-FRA
content-length: 18742

GET
H2 200 /
www.google.com/pagead/1p-user-list/950534254/ 42 B
548 B 149ms
60ms Image
image/gif 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950534254/?random=1671183179710&cv=11&fst=1671181200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&fmt=3&is_vtc=1&random=26429678&rmt_tld=0&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/950534254/ 42 B
548 B 83ms
33ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/950534254/?random=1671183179710&cv=11&fst=1671181200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&ref=https%3A%2F%2Fcoolrom.com.au%2F&tiba=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&fmt=3&is_vtc=1&random=26429678&rmt_tld=1&ipr=y

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
28ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=505430462&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=540728710&gjid=1774588079&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&_r=1&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&z=338062216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
cm.nordvpn.com/j/ 35 B
218 B 188ms
188ms XHR
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/j/collect?v=1&_v=j98&a=505430462&t=pageview&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YODACUABBAAAACAAMI~&jid=484526532&gjid=331018164&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&_r=1&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&z=2035004475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordvpn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77a66a3a4e908fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YGDACUABBAAAACAAI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=1568365992

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20931
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
169 B 169ms
168ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YODACUABBAAAACAAMI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=1863388851

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3a4e978fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 88ms
31ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42858496-1&cid=1045131646.1671183180&jid=540728710&gjid=1774588079&_gid=2125833069.1671183180&_u=YEBAAUAAAAAAACAAI~&z=1913896823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 09:32:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
cm.nordvpn.com/g/ 0
33 B 182ms
182ms Ping
text/plain 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=2oebu0&_p=505430462&_gaz=1&cid=1045131646.1671183180&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&cu=EUR&sid=1671183179&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&en=status_bar_loaded&_fv=1&_ss=2&_ee=1&ep.page_lang=DE&ep.countdown=active&epn.countdown_remaining=34763321&ep.consent_status=ignored&ep.status=unprotected&ep.product=nordvpn

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a66a3a9f068fd1-FRA
content-length: 0

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
344 B 54ms
30ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LEXMJ1N516&cid=1045131646.1671183180&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Status%20Bar%20%2F%20Unprotected&el=Loaded&ev=0&_u=aODACUABBAAAACAAMI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=202176416

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20931
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 192ms
191ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Status%20Bar%20%2F%20Unprotected&el=Loaded&ev=0&_u=aODACUABBAAAACAAMI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=550026364

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3a9f098fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 79ms
34ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LEXMJ1N516&cid=1045131646.1671183180&gtm=2oebu0&aip=1&z=275751261

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:32:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 safe-connecion-laptop-man-auto-connent-de.webp
s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/ 20 KB
20 KB 30ms
30ms Image
image/webp 2606:4700::6811:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1761.0/images/homepage/ui-illustrations/de/safe-connecion-laptop-man-auto-connent-de.webp

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:a71e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7be582ed8248a836ad258e13b86e51273b2515f6fa2d73e83fe2096716a30d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:32:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 16:39:37 GMT
server: cloudflare
age: 1335
etag: "638635c9-4f2e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 77a66a3abf1e900c-FRA
content-length: 20270

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 136ms
58ms Image
image/gif 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1045131646.1671183180&jid=540728710&_u=YEBAAUAAAAAAACAAI~&z=678165351

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 34ms
33ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1045131646.1671183180&jid=540728710&_u=YEBAAUAAAAAAACAAI~&z=678165351

Requested by

Host: nordvpn.com
URL: https://nordvpn.com/de/?utm_medium=affiliate&utm_term&utm_content=CoolROM_Alert&utm_campaign=off30&utm_source=aff29822

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Dec 2022 10:02:05 GMT

GET
H3

200

activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffil... Show response
12123059.fls.doubleclick.net/ Frame E3A1
Redirect Chain

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daf...
https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnor...

1 KB
631 B

112ms
66ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

6348cc3eb4b66b9e78f2400137101065d18c1b8dfd685a77ba42f28256c92ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nordvpn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 606
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:33:00 GMT
expires: Fri, 16 Dec 2022 09:33:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 09:33:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 84ms
30ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42858496-1&cid=1045131646.1671183180&jid=1131947838&gjid=494113452&_gid=2125833069.1671183180&_u=aODAiUAjBAAAAGAEOI~&z=925922514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordvpn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 09:33:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nordvpn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Load%20time&ea=Loaded&el=%2Fde%2Fhome-lazyload-2-2%2F%20-%20fromDL&ev=713&_u=aODAiUAjBAAAACAEOI~&jid=1131947838&gjid=494113452&cid=1045131646.1671183180&uid=&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2wgbu0WX5CH8&cd10=&cd20=1671183180125.sd7l1u6b&cd21=2022-12-16T09%3A33%3A00.125%2B00%3A00&cd22=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd48=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYyMDAzMDEwN1dpbjMyODMxMjAwMTYwMA%3D%3D&cd19=1045131646.1671183180&z=279556287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=EUR&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=1069606429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 190ms
187ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=EUR&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=452425935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3c494c8fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Loaded&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=624356496

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 234ms
231ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=4&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Loaded&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=1633849793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3c494e8fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=5&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=1797699401

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 395ms
393ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=5&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=1851548377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3c494f8fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
22ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=6&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=1901337208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 201ms
199ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=6&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=1173601222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3c49518fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
22ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=7&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=active&cd46=Active&z=534989052

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 155ms
153ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=1&_s=7&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie%20Consent&ea=Cookie%20Consent&el=Loaded&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=1652991860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3c49538fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
22ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=505430462&t=event&ni=0&_s=8&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated.10&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=1045131646.1671183180&tid=UA-42858496-1&_gid=2125833069.1671183180&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=911467560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20932
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
cm.nordvpn.com/ 35 B
89 B 179ms
178ms Image
image/gif 104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?v=1&_v=j98&a=505430462&t=event&ni=0&_s=8&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&ul=en-us&de=UTF-8&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated.10&ev=0&_u=aODACUAjBAAAAGAEOI~&jid=&gjid=&cid=ecc06ff6-58d2-4804-aac1-18233eecfdb2&tid=UA-42858496-52&_gid=1548034435.1671183180&_fplc=0&gtm=2oubu0&cd7=77a66a33d25d8fd1-FRA&cd8=1671183179&cd40=Active&cd46=Active&z=1612929902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.49.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 77a66a3c49548fd1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1045131646.1671183180&jid=1131947838&_u=aODAiUAjBAAAAGAEOI~&z=649458714

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 34ms
34ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-42858496-1&cid=1045131646.1671183180&jid=1131947838&_u=aODAiUAjBAAAAGAEOI~&z=649458714

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/26275;132023;14586/ Frame E3A1 42 B
342 B 80ms
23ms Image
image/gif 104.109.57.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/spot/1/26275;132023;14586/?spotName=Retargeting_Event_Snippet&cachebuster=1852945692

Requested by

Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.109.57.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-57-2.deploy.static.akamaitechnologies.com

Software

prod-xre-app3.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Dec 2022 09:33:00 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app3.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Fri, 16 Dec 2022 09:33:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame E3A1 4 KB
2 KB 76ms
21ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 15:54:34 GMT
Content-Encoding: gzip
Via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
Age: 63507
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: gXM7ps9me3bR13B6VoSEARuBr3zh4F0IGcpCHmF1R3t1dEAOOZ2BZw==

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame E3A1 70 B
261 B 144ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=cyfpmts&ct=0:jf8p7o8&fmt=3
Requested by: Host: 12123059.fls.doubleclick.net
URL: https://12123059.fls.doubleclick.net/activityi;dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=1337364386.1671183180;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%...
adservice.google.com/ddm/fls/z/ Frame E3A1 42 B
494 B 111ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIeMxL7q_fsCFQlJHgId3tIC2w;src=12123059;type=retar0;cat=purea0;ord=732160555755;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12123059.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 09:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 365D 0
181 B 46ms
46ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=cyfpmts&ref=https%3A%2F%2Fnordvpn.com%2F&upid=d0g72j6&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://12123059.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Fri, 16 Dec 2022 09:33:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST collect
cm.nordvpn.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: coolrom.com.au
URL: https://coolrom.com.au/js/jquery-scrolltofixed-min.js

Domain: cm.nordvpn.com
URL: https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=2oebu0&_p=505430462&cid=1045131646.1671183180&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1671183179&sct=1&seg=0&dl=https%3A%2F%2Fnordvpn.com%2Fde%2F%3Futm_medium%3Daffiliate%26utm_term%26utm_content%3DCoolROM_Alert%26utm_campaign%3Doff30%26utm_source%3Daff29822&dr=https%3A%2F%2Fcoolrom.com.au%2F&dt=Einer%20der%20besten%20VPN-Anbieter%20online%20%7C%20NordVPN&_s=2

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coolrom.com/	1970-01-20 08:56:15	Name: lang Value: de
.coolrom.com.au/	1970-01-20 08:56:15	Name: lang Value: de
.coolrom.com.au/	1970-01-20 08:17:22	Name: alert Value: 1
.coolrom.com.au/	1970-01-20 17:49:03	Name: _ga Value: GA1.3.1935849692.1671183178
.coolrom.com.au/	1970-01-20 08:14:29	Name: _gid Value: GA1.3.2086067199.1671183178
.coolrom.com.au/	1970-01-20 08:13:03	Name: _gat_gtag_UA_3213938_1 Value: 1
coolrom.com.au/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1671183178206
coolrom.com.au/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
go.nordvpn.net/	1970-01-20 09:10:39	Name: enc_aff_session_30 Value: ENC039dc5ca46709dd293f08614823e638b58c2f3fd5215b10284bd0d46ddbb83ba16aeffbccfd2a12faa27b588edb7240c90b845aa16e1bdc73f354f545e59c09c57a3375d78acdbc2cb72165f3ff8f1c7b3fbc345001a944b353dc1eb53eb4f1476d819b89996410440a7f9fdf76b6a0d5996d5060d4a098289d29610c5daeb2d07880f60ebed80151783e6f2306ff17f43ac93e4cf3ea5636e75704a02ec5f9d6b26004aac
go.nordvpn.net/	1970-01-20 17:49:03	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDgiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.aaxads.com/	1970-01-20 16:58:39	Name: aax-vsid Value: 3141847785555544000V10
.nordvpn.com/	1970-01-20 08:56:15	Name: aff_id Value: 29822
.nordvpn.com/	1970-01-20 08:56:15	Name: aff_transaction_id Value: 102a284909017df49f82436be11fdd
.nordvpn.com/	1970-01-20 08:56:15	Name: nordvpn_aff_id Value: 29822
.nordvpn.com/	1970-01-20 08:56:15	Name: nordvpn_aff_transaction_id Value: 102a284909017df49f82436be11fdd
.nordvpn.com/	1970-01-20 08:13:04	Name: __cf_bm Value: f9DwjqcOy1myR0I2Oj3HRbYU6CKQwTvcG8vI5JwHjz0-1671183178-0-Acpd4zdPR90jj0PU88o8hnUWo+SppgwkKInvRcldbuFENutnq0KHnSPsJHcA93mKaPZDLGPZgRW8y8dfF3eXf0M=
coolrom.com.au/	1970-01-20 08:13:04	Name: _dd_s Value: rum=0&expire=1671184078153
.nordvpn.com/	1970-01-20 16:58:39	Name: locale Value: de
.nordvpn.com/	1970-01-20 17:49:03	Name: nord_countdown Value: 1671217943248
.nordvpn.com/	1970-01-20 17:49:03	Name: nord_countdown_iteration Value: 10
.nordvpn.com/	1970-01-20 17:49:03	Name: nord_countdown_seen Value: 1
.nordvpn.com/	1970-01-20 12:35:07	Name: FirstSession Value: source%3Daff29822%26campaign%3Doff30%26medium%3Daffiliate%26term%3D%26content%3DCoolROM_Alert%26hostname%3Dnordvpn.com%26date%3D20221216%26query%3Dnull
.nordvpn.com/	1970-01-20 12:35:07	Name: CurrentSession Value: source%3Daff29822%26campaign%3Doff30%26medium%3Daffiliate%26term%3D%26content%3DCoolROM_Alert%26hostname%3Dnordvpn.com%26date%3D20221216%26query%3Dnull
.nordvpn.com/	1970-01-20 08:23:07	Name: font-css-en Value: true
.nordvpn.com/	1970-01-20 10:22:39	Name: _gcl_au Value: 1.1.1337364386.1671183180
.nordvpn.com/	1970-01-20 08:14:29	Name: _gid Value: GA1.2.2125833069.1671183180
.nordvpn.com/	1970-01-20 08:13:03	Name: _gat_gtag_UA_42858496_1 Value: 1
.nordvpn.com/	1970-01-20 17:49:03	Name: nextbid Value: GA1.2.ecc06ff6-58d2-4804-aac1-18233eecfdb2
.nordvpn.com/	1970-01-20 08:14:29	Name: nextbid_gid Value: GA1.2.1548034435.1671183180
.nordvpn.com/	1970-01-20 08:13:03	Name: _gat_gtag_UA_42858496_52 Value: 1
.nordvpn.com/	1970-01-20 10:22:39	Name: FPAU Value: 1.1.1337364386.1671183180
.nordvpn.com/	1970-01-20 17:49:03	Name: _ga Value: GA1.2.1045131646.1671183180
.nordvpn.com/	1970-01-20 17:49:03	Name: _ga_LEXMJ1N516 Value: GS1.1.1671183179.1.1.1671183180.59.0.0
.nordvpn.com/	1970-01-20 08:13:03	Name: _dc_gtm_UA-42858496-1 Value: 1
.doubleclick.net/	1970-01-20 17:34:39	Name: IDE Value: AHWqTUlHbXA1AMqRCbPquIgeUUSC_HydLHj3FeVMrbcDP86UU1sZta4wsDdDo9aUJ1Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12123059.fls.doubleclick.net
adservice.google.com
ajax.googleapis.com
c.aaxads.com
c21lg-d.media.net
cm.nordvpn.com
coolrom.com
coolrom.com.au
go.nordvpn.net
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
l3.aaxads.com
nordvpn.com
s1.nordcdn.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
spn-v1.revampcdn.com
stats.g.doubleclick.net
visit.nordvpn.com
www.aaxdetect.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
cm.nordvpn.com
coolrom.com.au
104.109.57.2
104.17.49.74
108.157.1.118
142.250.185.198
151.101.193.91
18.66.248.223
184.51.84.249
184.51.85.237
23.35.228.23
2606:4700:10::ac43:4e7
2606:4700:3034::6815:5779
2606:4700:3034::ac43:8f4a
2606:4700:3108::ac42:286b
2606:4700::6811:a71e
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80e::2004
2a00:1450:4025:401::9b
35.71.131.137
52.16.200.194
06de8124acb7323a1f7ee86026de19da5fa8bf87196968f7bdc4f11ac85353ec
09781b5bb4f268166f145ba7ec217e639631ac75bc952de5e6293cf14327925c
0ac14e2aa10fadd38fa180ceac3e55e5f2c849035b1fa5c021f0b98d1c6856fd
0acc7761130881ec8bc4031fa28505d071d1c6c6f65fe1ea2490b4e5139db63d
1d2c812bfaf38addc5e67ccec39a25b4c91218d5c9a46b96d19b25ac381d9250
38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4
43392d85def22d0195575d75fa1e538e7669c70a20736ffd49db162a36362c40
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480ef0e2aa71b1ce3787ffe6b798e7d39d24b84c5eb098b7643b0eaefc045465
488f6c8d07cf99844634c770d5ceb7306403f42fad6132e34388c71b1d795cc7
493647a1e3d00d8314d6d65d476354b74c6e8148a4d3a8346090c3a273a3be8a
61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a
6348cc3eb4b66b9e78f2400137101065d18c1b8dfd685a77ba42f28256c92ea4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d
7be582ed8248a836ad258e13b86e51273b2515f6fa2d73e83fe2096716a30d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867285c239048863ae0da1e8ad72376c7494cdad435b2ca3f37a5dd38fa4fdaf
87194192f69885b261d6b17e2d47ed02b53699ca07a5b2665a5a16af163a43dc
8727c71f4728b6602235e5955f077d24dfcf02ec17f6d7ad7754dd7cd6c04ad3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96043f2902775b9903b1880464403573442b2abcfae52de51771388149f84147
99cd4eb12bffb7511bb4d4af96e8955799bfe88e04a86c4f05774d4cf7876f41
9d77e6487d0d5631b727be84c5ddeb3524824a0972de4d1eefa2b733896ea20a
a1c0dca5a0594f0358c4aacbd4e5d9ece3717414892fc9bd496c95dbb6d6ea68
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
a62ae4c89743dc201c7f1bbf696700979e3aa721960ec38ac7bb87e9873f965c
af3be6627918c04cf3707b1a4f91dae67554c4a6a14be9888cc6b8a45595b321
b371c18f48e2a0fcde36d514967fc00f4373eb78473fea3d61da38626bbcc09e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8ffbee1e4f7d9ae71e33629c1d60288ad2e600ddccfe28acc7c4b0a94a14dbd
ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360
c62507275d507ed10e41c289aa857c351d99215b23a8f2921d4bbb964cc9d656
c653e441ae1cfe405cd2c68b389bf7d6927b55409dfa1264bf56154b20f8e637
d2ce5e9649172a30b614b52ab60c01d7620cab645526a13b8e391c2713dc3313
d48e49fc0a609fd2b9fb99587b6bd75dd2656b7fe316e0f3631f89d48a9e52f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4144e519b9d4cf123fe54478ee3e26b5eb4c47bc86f56d80a0d5a97172253bf
edc12bc907c10f796a3d4a2cfcf5715ccd6498f80322d22e94c67ed2731b9988
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04ee7b0722e25032ba99c6394208520439cb04115a421b6294d6d27235cf92c
f27c105f1c08f497757a1daf912c840c0f562a9448c78ae1272c8860c6146653
f87f46055339523542d49302a1f7665e2e217654516f0681f963c375249f3107
f9c88d196e9ff61e257364d7fe0bcb83f22efe74b2259758d333d22358cb2264
fd9b83d969598ffb39bd1aeb648f6c3cc0cc8d3eb52bdc81595eabed74060d34
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

nordvpn.com Open in urlscan Pro 104.17.49.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

56 %IPv6

18 Domains

26 Subdomains

23 IPs

5 Countries

1419 kBTransfer

3756 kBSize

35 Cookies

28 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nordvpn.com Open in urlscan Pro
104.17.49.74 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

56 %
IPv6

18
Domains

26
Subdomains

23
IPs

5
Countries

1419 kB
Transfer

3756 kB
Size

35
Cookies

101 HTTP transactions
5 data transactions