urlscan.io logo urlscan.io
SecurityTrails logo

support.nordvpn.com Open in urlscan Pro
104.16.51.111  Public Scan

Go To Rescan Add Verdict Report
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Submission: On March 22 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 15 domains to perform 78 HTTP transactions. The main IP is 104.16.51.111, located in and belongs to CLOUDFLARENET, US. The main domain is support.nordvpn.com.
TLS certificate: Issued by R3 on March 15th 2024. Valid for: 3 months.
This is the only time support.nordvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 104.16.51.111 13335 (CLOUDFLAR...)
17 104.18.70.113 13335 (CLOUDFLAR...)
2 104.18.72.113 13335 (CLOUDFLAR...)
7 142.250.67.14 15169 (GOOGLE)
11 104.17.207.237 13335 (CLOUDFLAR...)
5 142.250.66.168 15169 (GOOGLE)
8 172.217.24.46 15169 (GOOGLE)
1 142.251.175.154 15169 (GOOGLE)
5 172.217.24.35 15169 (GOOGLE)
2 5 172.217.24.34 15169 (GOOGLE)
1 172.217.24.38 15169 (GOOGLE)
4 142.250.67.10 15169 (GOOGLE)
2 172.217.24.36 15169 (GOOGLE)
1 172.217.24.54 15169 (GOOGLE)
1 142.250.67.1 15169 (GOOGLE)
2 104.19.159.190 13335 (CLOUDFLAR...)
2 104.16.208.203 13335 (CLOUDFLAR...)
78 18
7    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
support.nordvpn.com
nordvpn.zendesk.com
17    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
theme.zdassets.com
2    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
p17.zdassets.com
7    142.250.67.14 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f14.1e100.net
www.google-analytics.com
11    104.17.207.237 (None, )

ASN13335 (CLOUDFLARENET, US)
s1.nordcdn.com
5    142.250.66.168 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s22-in-f8.1e100.net
www.googletagmanager.com
8    172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net
www.youtube.com
1    142.251.175.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f154.1e100.net
stats.g.doubleclick.net
5    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f35.1e100.net
fonts.gstatic.com
www.google.com.au
www.gstatic.com
5    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f34.1e100.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
ade.googlesyndication.com
1    172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f6.1e100.net
static.doubleclick.net
4    142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
jnn-pa.googleapis.com
2    172.217.24.36 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f4.1e100.net
www.google.com
1    172.217.24.54 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f22.1e100.net
i.ytimg.com
1    142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net
yt3.ggpht.com
2    104.19.159.190 (None, )

ASN13335 (CLOUDFLARENET, US)
tracy.nordvpn.com
cm.nordvpn.com
2    104.16.208.203 (None, )

ASN13335 (CLOUDFLARENET, US)
tracy.nordvpn.com
cm.nordvpn.com
Apex Domain
Subdomains		 Transfer
19 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3546
p17.zdassets.com — Cisco Umbrella Rank: 136320
theme.zdassets.com — Cisco Umbrella Rank: 17325
394 KB
11 nordcdn.com
s1.nordcdn.com — Cisco Umbrella Rank: 137187
118 KB
10 nordvpn.com
support.nordvpn.com
tracy.nordvpn.com
cm.nordvpn.com — Cisco Umbrella Rank: 242288
39 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
1015 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
43 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
402 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 293
41 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
static.doubleclick.net — Cisco Umbrella Rank: 365
2 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
ade.googlesyndication.com — Cisco Umbrella Rank: 331
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
21 KB
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 18613
408 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 211
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 108
40 KB
1 zendesk.com
nordvpn.zendesk.com
801 B
78 15
Domain Requested by
11 s1.nordcdn.com support.nordvpn.com
9 theme.zdassets.com support.nordvpn.com
8 www.youtube.com support.nordvpn.com
www.youtube.com
8 static.zdassets.com support.nordvpn.com
static.zdassets.com
7 www.google-analytics.com support.nordvpn.com
www.google-analytics.com
www.googletagmanager.com
6 support.nordvpn.com 1 redirects static.zdassets.com
support.nordvpn.com
5 www.googletagmanager.com support.nordvpn.com
www.googletagmanager.com
4 jnn-pa.googleapis.com www.youtube.com
2 ade.googlesyndication.com 1 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 cm.nordvpn.com www.googletagmanager.com
2 tracy.nordvpn.com s1.nordcdn.com
2 www.google.com www.youtube.com
support.nordvpn.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 p17.zdassets.com support.nordvpn.com
1 www.google.com.au support.nordvpn.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 nordvpn.zendesk.com 1 redirects
78 23
Subject Issuer Validity Valid
support.nordvpn.com
R3		 2024-03-15 -
2024-06-13		 3 months crt.sh
zdassets.com
E1		 2024-03-03 -
2024-06-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.nordcdn.com
AlphaSSL CA - SHA256 - G4		 2023-02-28 -
2024-03-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.nordvpn.com
AlphaSSL CA - SHA256 - G4		 2023-09-18 -
2024-10-19		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Frame ID: 68EB24C8284A8A7F61D3762BDCE912D9
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4KosNCHMPDQ
Frame ID: 4F23728F4B4EC384299F6DD1B8164DE1
Requests: 20 HTTP requests in this frame

Frame: https://support.nordvpn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: 7630C20E5A3CB8D45EC239231F5B47E4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NordVPN Kill Switch: how does it work – Live Chat, VPN Setup, Troubleshooting | NordVPN Customer Support

Detected technologies

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

78
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

18
IPs

2
Countries

2269 kB
Transfer

6762 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://nordvpn.zendesk.com/auth/v2/host/without_iframe.js HTTP 302
  • https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
Request Chain 38
  • https://support.nordvpn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://support.nordvpn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 80
  • https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;gtm=45fe43k0z86894354za201;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPPyybSph4UDFf9DwgUdRqAObQ;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;gtm=45fe43k0z86894354za201;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 19509682644369-NordVPN-Kill-Switch-how-does-it-work
support.nordvpn.com/hc/en-us/articles/ 		125 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ac766f4460e894672f491e8d1f53a4059c737b46fe7b824b3eff848a90a8505
Security Headers
Name Value
Strict-Transport-Security max-age=259200; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, public
cf-cache-status
EXPIRED
cf-ray
868463e22e7da95b-SYD
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 07:15:24 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol
HTTP/1.1 always
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEHOBBOv%2F80R9sZdklOzUF49dkgd0HPHOsV1s9k7wsZhxKUISXhBMUeXM1pu0WEFl6l157aSnHUwJwWO8bmLRp3YFc1KS4RjyDIbdUdE4eirlaKo%2B6QvBXbR%2FCWsQe%2BBVqLBWDU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=259200; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-request-id
868463e25386a95b-SYD
x-runtime
0.293004
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
x-zendesk-origin-server
app-server-5f87c44884-84whg
x-zendesk-processed-host-header
support.nordvpn.com
application-f897d93bd06b67f136ea5da710f56464.css
static.zdassets.com/hc/assets/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/application-f897d93bd06b67f136ea5da710f56464.css
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad448d0d9672487a2d7821e7c12b092282eb14c395bfcda618d3bc671d9184b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
Kcd0ggzQYIDH8bp_13djh9ZxXHgxNUkg
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
BNRWM028D6MMYCNM
age
28483
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
KeNUce3WFeHKWp5EIIa03NeoOvCxWUrpWqRTiBGLzoMTQw3PQ+kjkoCDuaQZqhk1Xmy8Zsw+Gks=
last-modified
Wed, 13 Dec 2023 12:14:55 GMT
server
cloudflare
etag
W/"3971b5e792f22d425667124dace193d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dei40wpJfoLv1b8YHkeI5Uw%2BsizRiBt87fJHLqYGgxnMNy2NR7g%2BbobYBzRS2uJgjvHlqOcnKgYCEicQmc%2B0Xa40hcdbA0zwjwA4OPN95HaesMPoHVEEXl1xUOiWOA1jrGV7hr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463eb98946a6f-SYD
access-control-allow-headers
*
style.css
p17.zdassets.com/hc/theming_assets/757086/445532/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p17.zdassets.com/hc/theming_assets/757086/445532/style.css?digest=23516185044753
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482ddb997d025e240b52669b92ab944d40d47532098602920bf636ab03412613
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65956
x-zendesk-origin-server
app-server-7f58dc948d-r9qhx
protocol
HTTP/1.1 always
x-request-id
867e0d60ca7b23bf-LHR
x-ua-compatible
IE=edge
x-runtime
0.010029
server
cloudflare
etag
W/"482ddb997d025e240b52669b92ab944d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6reY2KsLHy4zEVl2xL6xKFN4U3DB5fH9e0V%2FJtEEFDmhFe9HUGk5aBthH3Jxq%2B1b4zJClKAf4JOhWPOQd9ev22ENzR6hzNZD08ugX7kv8z7R75QQi6N314haF5l4aGRa1yE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=604800, public
x-zendesk-processed-host-header
p17.zdassets.com
cf-ray
868463eb9edc571d-SYD
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 06:00:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4469
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 22 Mar 2024 08:00:55 GMT
75a0c2bab9820c5423741d449b733f60ffc3aad2.js
theme.zdassets.com/theme_assets/757086/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/75a0c2bab9820c5423741d449b733f60ffc3aad2.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb31d9603375dc87cb940c5839ab131e7fe5a95fd01db82124e4a5a5f63904f4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
srBnMWmcvp2T5I_QIDy8m3.88WBtHBfQ
via
1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
SYD62-P1
age
69255
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 01 Mar 2024 06:52:49 GMT
server
cloudflare
etag
W/"2cc5e14ee2c7a166e42132c6dcb43238"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFsp7eNhSXqo8FbXSCa2RfXJBFrEMMEIdQ5uX1Be7%2F5gaRtWhHkNJjz4fL07uJNqAyzNuHn0XbUF3jIX1MeAGTyQ2xqANrEaens5GXFQVP%2FMJADQfXvTfMEtwWI7saFFlLPLSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463eb9c1da870-SYD
x-amz-cf-id
8vJk0QKsT1VT3DYt5pd4RrDvexUPI-HvlH83pRY8Kea34nLo0SdO6g==
index.js
s1.nordcdn.com/nord/tracy/1.18.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nord/tracy/1.18.0/index.js?collectorUrl=https://tracy.nordvpn.com/v1/collect&project=nordvpn
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d67566a6d059a005a910e6e8415111a3447eae999f78a42db5c42edbb83351d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 31 Jul 2023 09:14:56 GMT
server
cloudflare
age
571
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
868463ee3b7c55b1-SYD
expires
Tue, 24 Sep 2024 07:15:24 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
361116b744686bc1d69d4b5a673a37e3bbba7f347ca1abb14707439e240cf3d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93961
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 07:15:24 GMT
c9d9b07f425a70401b6753af4a2b9e00ccc57e72.css
theme.zdassets.com/theme_assets/757086/ 		130 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/c9d9b07f425a70401b6753af4a2b9e00ccc57e72.css
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febc8786679a812f7134423f57e93d6b522d1c5ba43df80ab15fbd840c36dfec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
Me0uYB8gXRcQ1yVDvwAou0ANcJT2pXQd
via
1.1 d565d9b03fa73bc2ae98eaadac0992b6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
SYD62-P1
age
22563
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 Nov 2023 12:26:12 GMT
server
cloudflare
etag
W/"01cf5a5ef3e5294c8c0514ccb76796f2"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mX7e9uHd%2FSzs%2FrKzV76wnneOlq143awnLEXxguBpwZV3meKfmr%2BS4Erpm9Ez2EoMtlO585KZJCGXzpCLhpiPo6jNgeyq4hASghNg%2FLEQdtLLDwNtyE9P7LjRQEuzTuIckRdRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463eb8c17a870-SYD
x-amz-cf-id
SRyNP9XyaFPjpruocrpu2oUfJxlRxGzA6O69ynGDrOrRGXWbRGiCWA==
share-light.svg
s1.nordcdn.com/nordvpn/media/1.2215.0/images/global/icons/32/ 		639 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.2215.0/images/global/icons/32/share-light.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a453e0395b07040023cbfc111d724161c5a8f0776abfc1e094e655550f27d199
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Feb 2024 10:04:53 GMT
server
cloudflare
etag
W/"65df0545-27f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee3b7f55b1-SYD
15baa2c931e7ca63dbd077f983043a7e2b3595d8.js
theme.zdassets.com/theme_assets/757086/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/15baa2c931e7ca63dbd077f983043a7e2b3595d8.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3b05ad5e6ca9b3090c18ba035f9a4c81424582c5c2c3251e826e30eb586964
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
BTOxlLEmu4YDmWpAhQlLGDKY4guMhMpT
via
1.1 8746917a03e290c5d72efdb8c6127ca0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
BNE50-P1
age
66005
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 19 Mar 2024 14:19:22 GMT
server
cloudflare
etag
W/"653c54b670289704c8b5f804161fb924"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGqf5N61mX3tv9SSAM%2BA2Asv%2FoccgCJPKw0jUgQ7eSFWmU%2BZCqM%2FPcjyTr2Ir6cmaNyRZUV78SkdTtmYtlEgqGmo3neX1E4zLvT18WuMPzbefvfBnl4wUuxrkPrmJeowGMPO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463eb9c1fa870-SYD
x-amz-cf-id
JPY_2LxrcMhi0OIptUkrZ2gCYOI4zzd7Od8LMkU8PJtuTI-g_EFhjg==
61a3414ed45bb4e8968c532c539363bbc9841487.js
theme.zdassets.com/theme_assets/757086/ 		350 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/61a3414ed45bb4e8968c532c539363bbc9841487.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5338dc4e807bbe53f3e659ee50e4c7161bd90220f82075285a9792657860941
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
h6D7mG4TUfpXOSuLubu2ijf1XxWMVT9z
via
1.1 2c789043412562398f09d18eaf511294.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
BNE50-P1
age
66005
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 19 Mar 2024 14:19:22 GMT
server
cloudflare
etag
W/"f4bd2400b702079c34dc243217dc442e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTzfr7hkCbV74r%2BSl9dquZ6RWLGa6hte0Dd%2BxgHjBGgf7DWD9Ifvw7qAjqvE%2FpTRmGosgJVWadQzrV0ZLeqHbP8qSF2P4e0BNcqGnQDi0sFm7fZRV1Mv31%2FipwQeJeBjYSOE2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray
868463eb9c1ea870-SYD
x-amz-cf-id
X2jw3HAmq6mG7Hbwk_xEW4Cd4qqTR58eDyMPbz-V-pGqsVwkOLoEvA==
5fc27300f67109d59d342a81996880f809c9f998.js
theme.zdassets.com/theme_assets/757086/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/5fc27300f67109d59d342a81996880f809c9f998.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0fdc3d7022cec1e834340c8e83357c98e4494d8d13f9fe1ecb73a0008c0979
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
iTTLWDMbX4XPlVhgAfKTGXGhM0JlvVo.
via
1.1 206bcd2d76786979a1ef3816dcf17ca4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
BNE50-P1
age
66005
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 19 Mar 2024 14:19:22 GMT
server
cloudflare
etag
W/"ea25d952ec5a88ea7637226507e917cc"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynyeL%2FywnEllj5RmBFTtRnpdjLGPVYQYX%2B%2FB2uhuG4JHgqrkEViNNq886S35XEySlWPrM5DMoy%2BDVtCN9uX8TYDJg7%2BIXpHuMKo9UXtL9iN6MFQ1KJNluS6uZoUjzp16ShVZYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463ebcc4fa870-SYD
x-amz-cf-id
A2V_iJagDqu2i7YKFVepX726qVT0bFixrRHiynaxctgYUASlfn3kEA==
c5e2fa82427075132bb77a98a387c2f6c698db1b.js
theme.zdassets.com/theme_assets/757086/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/c5e2fa82427075132bb77a98a387c2f6c698db1b.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e968c6d89a11dba44b408c4b30bdd64f4f8c1397c51c92be3989a88fc5def7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
FjlD7.EtERl5j1zJN_nSqTGe_XMcs0fc
via
1.1 4ff5ebb40845c5d8b0ad7d9897bd13b6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
BNE50-P1
age
66005
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 15 Mar 2024 11:37:41 GMT
server
cloudflare
etag
W/"ceaa71c172a78ae2933a56a011ff7534"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnuTH%2FcgpxtLm73xc4z1PXuliYnUOgnOrn40lfFq28Jl5H6W3Jqig%2BCXTID0QvNoPNq8eLmoT%2FLJcvKaveq81%2BJT76FBSNmHPMnwpt6VRsoztNVwCsQhL3W3slI4tQhek%2BBReQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463ebec8ca870-SYD
x-amz-cf-id
Y5uhK4bZxwZF7H_4sJK-ASKqv-h8dq2nAHhfmSOALTyha8tiaUw03g==
8c1cca7ff958ddd7415a6663687895831ae54673.js
theme.zdassets.com/theme_assets/757086/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/8c1cca7ff958ddd7415a6663687895831ae54673.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac9b1a79aaf02d16bcb453ee8b61bd3cf9c2f985fd90be07b9876b0591ebabb5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
fPx2WqY2myoCga7pEjg3X5qUlpKi4dT8
via
1.1 48d8e85703699c2da097b0f28aa75248.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
BNE50-P1
age
66005
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 21 Mar 2024 12:45:09 GMT
server
cloudflare
etag
W/"da47167328018641b95aefd7aee280cf"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8EY8XKXy%2B719TpcICZM%2BvINM8QZlvVYQftkN4Yp5usV6Ol%2BaIcuMZ0%2BpMImwRtWe08fMslZZ4LMNZif9XyhRi4RfgRreb5P%2B%2BIOqqhjazuQC%2BEwdYmTdSAB6w5rSHTttnvt2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463ebec8da870-SYD
x-amz-cf-id
fWlXyp1mBKFgshAPOJkv8ldKEbrRiA69KUbWX-69x49UosXgvD8evA==
app-store.svg
s1.nordcdn.com/nordvpn/media/1.1716.0/images/global/button/download-app/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.1716.0/images/global/button/download-app/app-store.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4162231352f88f0904675cef19e9b395f0100dca5db6484ea76b3795f7c2a5af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Oct 2022 12:27:32 GMT
server
cloudflare
age
571
etag
W/"6357d634-16d0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee3b7a55b1-SYD
google-play.svg
s1.nordcdn.com/nordvpn/media/1.1716.0/images/global/button/download-app/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.1716.0/images/global/button/download-app/google-play.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6231bb7529593e2a2ae31067363878950393756a285fbc19b8a2f6b53a7d864
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Oct 2022 12:27:32 GMT
server
cloudflare
age
571
etag
W/"6357d634-1326"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee3b7b55b1-SYD
credit-cards.svg
s1.nordcdn.com/nordvpn/media/1.2145.0/images/global/logos/card/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.2145.0/images/global/logos/card/credit-cards.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd79e6f23c0335e42a361c852d5c723ddf4caca13d043f8a37d506cfe2be52e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 07:04:52 GMT
server
cloudflare
age
571
etag
W/"6566e294-2010"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee3b7855b1-SYD
unsupported-fallback.min.js
s1.nordcdn.com/nordvpn/3.816.0/js/ 		1 KB
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nordvpn/3.816.0/js/unsupported-fallback.min.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 12:16:13 GMT
server
cloudflare
age
2216
etag
W/"61e8010d-465"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee5b9355b1-SYD
a4e7f949e3b9b345b11c834404ca9def1a80aaca.js
theme.zdassets.com/theme_assets/757086/ 		449 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/a4e7f949e3b9b345b11c834404ca9def1a80aaca.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddf3fc71000c1041d20cb2ae63264f7d94e2d00a48a0472f3d31ac2c25ab7fc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
EsHLs0IxbzM_yoG9TGkdgxGLyhSPXllL
via
1.1 83584bf6ea773b47a6c16832ee18c23e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
BNE50-P1
age
66005
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 19 Mar 2024 14:19:22 GMT
server
cloudflare
etag
W/"2482d328c07a7f9c6c3d13b24962900e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoHnYN1jUwhRMylyGTsokKd3%2FYRL6PkYAxjhxTwDdlmk7Sa3K739MaW43fhUh9HufW5HBmE4%2FkI1aej8ulqZC%2FY1eHKt8jn5cZfcnR3UAwu6pAc1DdjK6HUWPJzGlcZBzHQ31Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray
868463ebec8fa870-SYD
x-amz-cf-id
L6fy19WG8Eh4I2Lw3Z-atBSLLiYbq1Ntl2kvtOnTJKsgYgQl3WXY6Q==
en-us.9a6c6b54c1f44cae0ddd.js
static.zdassets.com/hc/assets/ 		212 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/en-us.9a6c6b54c1f44cae0ddd.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf6a7c1b044d609083c274ea1cdecdbf1ecd2c84c2e322329ba4adbff381ed9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
R4t_bMqI.MQt85gEICmfR7LQJTU3_FN4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
X0H6MSDTPC2EJXFD
age
58997
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
oK3kOoFEtWvZ8z/SyLTgSC1vYdpTdzkFfc8DHpVNHawW+rePwxgh3omi2f9txoH4nXYgvrEGwi4=
last-modified
Mon, 18 Mar 2024 13:40:06 GMT
server
cloudflare
etag
W/"9a6c6b54c1f44cae0ddd2b781b41524e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6Tmwj%2B1kM3JjgfQRawiZOWZ4Hs6yHf%2Bad4tFotuC32E6YLK8YfTL%2Fdr7auspehmt0Svz3r9GMw443UXxZ1o2XLJriVB4aMshZgn2NAFi0c1b9Kf16bMhBO5nogHpwbPcU7utyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463ebe8e76a6f-SYD
access-control-allow-headers
*
host-without-iframe.js
static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/
Redirect Chain
  • https://nordvpn.zendesk.com/auth/v2/host/without_iframe.js
  • https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f919bb8db7a2fe7126380d85836c540c3fc883cc4dff3f44ae1ecc697027a6c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
KSmUWZZPaK1vsWrmUQVn23dSj1b63R2s
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FRAXGHP6ZPRA1HG0
age
3818
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
YNhqtucY7tJICC0PGzRwtoOei7z0j4KI8KbXbhaqEUA25tLSupEfBuwCW0wnE3qESDc+xRI4JQ0=
last-modified
Wed, 25 Oct 2023 18:53:30 GMT
server
cloudflare
etag
W/"35166401913bc433e702156b229abb6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCBfs6CYgEpNi3rLljGSyVbyjgKNpea2S0XYlFfG5luiFWdR5xHImK%2F0tK7fjqsXc%2BcTZAW6%2F5FRY75dAVcoY5WBNyQs0oWpQNCJjPNcD0V9gEKsPQdhX%2FGZbJGQAbMossdPF18%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-max-age
0
cf-ray
868463ecb9d66a6f-SYD
access-control-allow-headers
*

Redirect headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32749
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server
classic-app-server-5ff799f87-hb9gz
content-length
165
x-xss-protection
1; mode=block
x-request-id
868144618c97572f-SYD, 868144618c97572f-SYD
x-runtime
0.050438
server
cloudflare
x-zendesk-zorg
yes
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ccakf0dIsEBXUDwda2cTKY7xO4kqWeu%2FLAkdzSnCIPS2JP8c%2BJXvvov0bu3%2FFsr9VA8EMDZ0PFhg5wfSKE2vSyZ5cMlqlpGmLTdCrlvP4ORmKwUMvbf5dKlzaeeS0F1%2F8Y9Ryqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
cache-control
max-age=86400, public
cf-ray
868463ec0882a93b-SYD
hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
static.zdassets.com/hc/assets/ 		602 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca29399061d31aef72259df4ec495bf63e5a8b5bed86f83f1680934a46e97e25
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
e3bmEHXk1uiCfnYh7OzycviN2v9Iy5B_
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YQ60HQE3T4C4JH8M
age
237937
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
fJSGPxSogCMDB9oXBXWMkRCX4wz3/VEylZaaHsxkshCHocHEfIgcNmEZa8kkzZDkLS273IRFCmY=
last-modified
Tue, 19 Mar 2024 13:05:50 GMT
server
cloudflare
etag
W/"98b52b6a30cd6408926adc56cd0d53ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMgTyuhlMPNCglDJ70wf85fx3ZaIZt7cATTNj1g9hzXn6hJMgr8coKbmES8iGwqv2FvG0YVz3MXzpjGSFzxO7oaMQd26xAPDR6B6jZ0oZATJdFydXpMFazgXQL%2BRvlQpseskH%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463ebf8e96a6f-SYD
access-control-allow-headers
*
script.js
p17.zdassets.com/hc/theming_assets/757086/445532/ 		0
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p17.zdassets.com/hc/theming_assets/757086/445532/script.js?digest=23516185044753
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65956
x-zendesk-origin-server
app-server-7f58dc948d-6xfgx
protocol
HTTP/1.1 always
x-request-id
867e0d618bd223bf-LHR
x-ua-compatible
IE=edge
x-runtime
0.012479
last-modified
Thu, 21 Mar 2024 12:47:44 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fnc3eJyqmKWvGqgp5juLkAIVhMYcACRcbCDxSDXldGKI3Cf5Lc7Sfk8ePeT%2Fy3ckIKQWqZRh0cSK%2FOGxEn0rB%2BCUMmr1QSPRzu7EF0SzPdu%2FQMbjvxc1pCJu6J0bQN5K8SI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800, public
x-zendesk-processed-host-header
p17.zdassets.com
cf-ray
868463ebef29571d-SYD
gtm.js
www.googletagmanager.com/ 		332 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0c434255179af092069022c277bbdbf168568a92654de30f57116d62a26eb959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113479
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 07:15:24 GMT
en-woff2.css
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/ 		139 KB
105 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Mar 2023 13:47:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
868463ee3b9ea801-SYD
expires
Tue, 24 Sep 2024 07:15:25 GMT
4KosNCHMPDQ
www.youtube.com/embed/ Frame 4F23 		89 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/4KosNCHMPDQ
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
ESF /
Resource Hash
59ac6cd177a06d562e967e9e8bfad4de347525143400b68c2cb59480719c6dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.nordvpn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 07:15:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
353523e26d9d339d16abab432889b27560ada675.json
theme.zdassets.com/theme_assets/757086/ 		95 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/757086/353523e26d9d339d16abab432889b27560ada675.json
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdb7b0f4fda59e6ecc2534c3999f70fdca75693cbbd5a6d014bba187f7b7acb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
A.up6pvTyeM_bSQX.cq5eWmM2pPiv51A
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
SYD62-P1
age
80339
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 28 Feb 2024 14:09:06 GMT
server
cloudflare
etag
W/"962c43b73032990d2256d26fe0ebec51"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=826787JMSCJcLi40PZdSlGHn6Kf%2Br1%2BVQ3ViqSn3rb%2BWzjY8lio78nZhkP%2Fs6zoTSWxSl8QLMXXdDdplLtGHUuMdmKk0Rb4rJxjiew3lc3yyUOSnKBE%2BZEv1TqiMouaJDmgCiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
868463ec4e29556f-SYD
x-amz-cf-id
FauWjvROj3a4N3O3P22j3XUuSvlk7hEn0kQvkMBlfiYJNRrnPsOczA==
truncated
/ 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3707b45935eaa92da89634aa2e2a340a2ebbd0f08035f7f93fba1c58966a8b3f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
VoteControls-fbf188ecf1c5f819550578468df0b333.js
static.zdassets.com/hc/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/VoteControls-fbf188ecf1c5f819550578468df0b333.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed99f1be8e94c69733b9cfe19fb18d6072501f43b8ca3dde662eb05d27723d96
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
8mly5GeAWG57SDNnP82hYeSaVYo88Pzh
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
R51M4TV6WJ90A16Z
age
23876
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Op6l7ul3ylw0Qst2GtvS4sbmdrFszZtSeuxBBVPQJjJc7/K8FcVyNfq6TPzwlWVBYq0eNAGNxXY=
last-modified
Thu, 30 Nov 2023 13:04:21 GMT
server
cloudflare
etag
W/"d0154eb40865562f974460a5889fba5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdlmWYXEnqp2ybmols8sF%2BfnNqDFoyC0o2U%2BcDAw0DR%2FJ%2B4UldoVm8XxcBi8WuuGCdZfyInFJ6PJaRkdFFv5ftfZ6zpcKtwB4CH%2FWgPkRTxNo2gKH3t5VnUlui1ksMTFaRldmQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463ed2a2c6a6f-SYD
access-control-allow-headers
*
react-59929afd541f3d4213b2a81d773e1d73.js
static.zdassets.com/hc/assets/ 		135 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/react-59929afd541f3d4213b2a81d773e1d73.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f0bdd85fef21051f9a2592bf767ba112d745949315a860b8d9af9b12ed4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
I7GY0e3wDnwyg0Wzz9dhJeA.9zxxZ63P
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
698TDXERZ5SZC9P4
age
132766
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Lxmaim9Kq97tJj/X+pHQ58tQBIgdOlwNM1NidhALWuF/dgiDMlGgKmrW3L1SMHwZhvozkmxRGUg=
last-modified
Tue, 16 Jan 2024 13:32:06 GMT
server
cloudflare
etag
W/"369b985d745fd3baca53908699104a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaNM2K7kbV1snAJtaBitq0QoaYvXwiGcgYIonhqBElK1QJ9allhM6m2RMbk8%2F10Q%2BsRnJrvTgZLo8r4sX6DT2elK08isX1yVYJhvlBxEdlUyuwqhCVgYLcBQBlRgfmuZboZRYeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463ed2a2d6a6f-SYD
access-control-allow-headers
*
61618-e00125bb003008fb81737a0eb569cb2b.js
static.zdassets.com/hc/assets/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/61618-e00125bb003008fb81737a0eb569cb2b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674b5cf8d02b7fcdf3274afd0363177c7a5016ad6820b53714fd886da97a38c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
hoIIGkfOPU86DTEDKdcBXVvhoAJeBsRP
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RTNWD1FJNJR7QT2E
age
23879
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ok6VyKSViV41Bdr5xX7kOTxb7YUSlTWl6no/lCpi7nzDrOFPMNnQ8Xnm2u3BGJv566x3KXGSbhs=
last-modified
Thu, 30 Nov 2023 13:04:20 GMT
server
cloudflare
etag
W/"e5f85e6bd463e2e2730ee981abc816ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Apyo2RBmZZA7BbMRBSUOZQ9c8bAdq%2FHOdSf6ID2Gc4TpjDX%2BLJL71mh2NNoOmPxIb6IR71kQxG3AyFoFb2OXHqekgewY2zV41ZIcEEF1ICJmc6EP22J076L5xlbK%2B1YBTlL8tK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463ed2a2e6a6f-SYD
access-control-allow-headers
*
subscribe-bcea9748128daed810dc1d824bcc210d.js
static.zdassets.com/hc/assets/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/subscribe-bcea9748128daed810dc1d824bcc210d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3789d87b04629a3296ef99f693037adbb8f5c8c76a0d3d76ed31a54babeb1f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
x-amz-version-id
.4Lbp15QtM6dhBXWoJitC7eTkepioeHB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
2AZSB9ZS1A71F941
age
237513
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
stoiGA9fiep/1zSRnRvjlKveWgx9nUEv4RKug/Km15jkHjt2hdbdELTFzUSEMIzUDu1BJg7xZ98=
last-modified
Tue, 23 Jan 2024 10:57:48 GMT
server
cloudflare
etag
W/"ff27f27e6f093644d38df3b19332ee00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnnTGKgRchxoNOP7zkYZNP1yk2DYp5nYX687eTd3JF9bHO8aIhXRm4Bz%2BbrpJ0im09P3pYg8YpHP7DqtdKcYDRRyswqcZfpLdtROSfTd6b1XFm21pDbUFSbtr2ueoVFn0zqkGXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=604800
access-control-max-age
0
cf-ray
868463ed2a2f6a6f-SYD
access-control-allow-headers
*
view.json
support.nordvpn.com/api/v2/help_center/en-us/articles/19509682644369/stats/ 		0
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.nordvpn.com/api/v2/help_center/en-us/articles/19509682644369/stats/view.json
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=259200; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
strict-transport-security
max-age=259200; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
app-server-5f87c44884-pvd6k
protocol
HTTP/1.1 always
x-xss-protection
1; mode=block
x-request-id
868463ed2cbea95b-SYD
x-ua-compatible
IE=edge
x-runtime
0.055450
server
cloudflare
x-zendesk-api-version
v2
x-zendesk-api-gateway
yes
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eaI4r%2B2dhtDpn%2BN2qR6sOj61M0ONBJ2IDU7g1t1Er7NhUzcQaO9gLhJu7K7ddiCVY2LraY%2FTFC6c%2FI9mSzJfwVrcF5zQWGMnG%2FKQsQt5GksmrYIvrAoFIKuW%2Bjt7KEEpHhQgP9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://support.nordvpn.com
access-control-expose-headers
X-Zendesk-API-Warn
cache-control
no-cache
access-control-allow-credentials
true
x-zendesk-processed-host-header
support.nordvpn.com
cf-ray
868463ed2cbea95b-SYD
activity
support.nordvpn.com/hc/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://support.nordvpn.com/hc/activity
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-c3876b3ed5b8b941804fa6107c33cc80.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
868463ed4457a95b-SYD, 868463ed4457a95b-SYD
x-runtime
0.002165
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoMZGhzQF%2FgjaBhISzLet8VTMkAhr464I6V%2FSPViStWTLs%2FDONnGCDXlcjPgUprFd%2FwRxTrNCsVfLqgQ%2BrKqOpgroWAOUngQxix1x27YyclDUB7FDzdnwo3BWkEMM%2FdREjvE1I8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
vary
Accept-Encoding
x-zendesk-zorg
yes
cf-ray
868463ed2cc3a95b-SYD
4c5e2ece-1b44-4855-8c54-4e7f31ec2182
https://support.nordvpn.com/ 		819 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://support.nordvpn.com/4c5e2ece-1b44-4855-8c54-4e7f31ec2182
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
819
Content-Type
facebook.svg
s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24// 		540 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24//facebook.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000cdaeb0a207c972470a7ff314fcba17c9ee680341b737e04e2601f2c7f9d53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Feb 2024 07:12:45 GMT
server
cloudflare
etag
W/"65e02e6d-21c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee5b9755b1-SYD
x-twitter.svg
s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24// 		310 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24//x-twitter.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114021b482955189a09d4fc27bbd37b2a17713583088d9c0d73fc73eda33f498
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Feb 2024 07:12:45 GMT
server
cloudflare
etag
W/"65e02e6d-136"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee5b9855b1-SYD
linkedin.svg
s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24// 		589 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24//linkedin.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5bd1ced33d690040f0556553785d721fe3dd8a441376c88f5f77e1026550ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Feb 2024 07:12:45 GMT
server
cloudflare
etag
W/"65e02e6d-24d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee5b9955b1-SYD
files.svg
s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24// 		589 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordcdn.com/nordvpn/media/1.2216.0/images/global/icons/24//files.svg
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9cfed476eeaec69caae049fdd4eecb68372fab6907125e4412103e47ee8a8f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Feb 2024 07:12:45 GMT
server
cloudflare
etag
W/"65e02e6d-24d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=16070400, immutable
cf-ray
868463ee5b9a55b1-SYD
main.js
support.nordvpn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame 7630
Redirect Chain
  • https://support.nordvpn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://support.nordvpn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.nordvpn.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432e384398cae3aef622db77136392188a31e6ca48e20606fdbc311716e07387
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3Hlqw6gc3buEdcLN96wKFzhW%2FknVxwkwF7RStA2L0CSg1tHTE0mogdOItD%2Bc%2BqI3KPBMWO%2Bkru4FXBszcNDR%2BDxUmOFiAOxyDvDOj2reVkaPI54iPptqVcwLY9z5GAzn%2FpijoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
868463ed6d09a95b-SYD

Redirect headers

date
Fri, 22 Mar 2024 07:15:24 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLtUMdELfk%2BC06tbqEvHYCo5b4qJvGLCLmfzVr%2FjbcSUtUbQzl5AAHAD0y%2FpA%2Bv%2BJDqABJHXV69lrMbOKymq8V8BuyRlx454%2FaNaJeYE287Z3FSJ38ujvtI6HUc7OQh3UAji0yE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
cache-control
max-age=300, public
cf-ray
868463ed5cf5a95b-SYD
content-length
0
868463e22e7da95b
support.nordvpn.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7630 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.nordvpn.com/cdn-cgi/challenge-platform/h/b/jsd/r/868463e22e7da95b
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Mar 2024 07:15:24 GMT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
868463ee5e4ea95b-SYD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEZqC5heSw8Y3lCWvkHO4Na3M4loIMWAqpIv%2BTrX9evxhcv9R7JslsXII07xA3CsXHXeU8OgxCutWmef1SvX47EIpqTR2KCaKPtf8it6eD12OnNHMvNGNovCH2GIT8CeEMUUrjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=492349226&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&ul=en-us&de=UTF-8&dt=NordVPN%20Kill%20Switch%3A%20how%20does%20it%20work%20%E2%80%93%20Live%20Chat%2C%20VPN%20Setup%2C%20Troubleshooting%20%7C%20NordVPN%20Customer%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=891741822&gjid=741730568&cid=535897971.1711091725&tid=UA-42858496-9&_gid=394596909.1711091725&_r=1&_slc=1&z=940484887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://support.nordvpn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.nordvpn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42858496-9&cid=535897971.1711091725&jid=891741822&gjid=741730568&_gid=394596909.1711091725&_u=IEBAAEAAAAAAACAAI~&z=1974251737
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://support.nordvpn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 22 Mar 2024 07:15:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.nordvpn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/589f1394/ Frame 4F23 		371 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/589f1394/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
sffe /
Resource Hash
d3e9bc168bcafb793c1f88803b8d62bae049d099b4d59eb15117f060ecba8e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 01:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
20815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48009
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 04:21:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Mar 2025 01:28:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4F23 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 03:23:44 GMT
x-content-type-options
nosniff
age
13901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Mar 2025 03:23:44 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4F23 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 03:16:24 GMT
x-content-type-options
nosniff
age
14341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Mar 2025 03:16:24 GMT
embed.js
www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/ Frame 4F23 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
sffe /
Resource Hash
c85348eb7216378cc2051aa4302df48f967770db741cbb66337aedc006b09f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 01:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
20814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18060
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 04:21:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Mar 2025 01:28:30 GMT
www-embed-player.js
www.youtube.com/s/player/589f1394/www-embed-player.vflset/ Frame 4F23 		320 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/589f1394/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
sffe /
Resource Hash
42a4914076688cc439ac8dbf82ed794170e03ef887d68d999db2a712d5c8f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 01:27:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
20865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97800
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 04:21:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Mar 2025 01:27:39 GMT
base.js
www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/ Frame 4F23 		2 MB
782 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
sffe /
Resource Hash
99c8a946f57acad2389e1e2955cd35e0d4cbb76cae99a77dc5288c0269c53dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 01:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
800536
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 04:21:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Mar 2025 01:23:24 GMT
js
www.googletagmanager.com/gtag/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
46cbbe7bff0cbb2a5750d9065fbb8b66260a620f6d4fcd40b3617f7b10f55b8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
54266
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 07:15:25 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4F23
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
c52dd7b64bd1d45ca8922242c85714561927c3c3b07cccdaeae3fdf66d8b01f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Mar 2024 07:15:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4F23 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:10:54 GMT
x-content-type-options
nosniff
age
271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Mar 2024 07:25:54 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 22 Mar 2024 07:15:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4F23 		87 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
dffbc95b244429f2e6ea25f86b5a4e05bf3592ae04ca6b3ae6a0cddbf7eeb6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41553
x-xss-protection
0
remote.js
www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/ Frame 4F23 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
sffe /
Resource Hash
f270f4fb19e26c1190c927ffe5a576d83682f655386e42774bb0ec6e1606ed6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 01:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33798
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 04:21:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Mar 2025 01:38:01 GMT
WYTIt-NnTSB_Iq9CaAb1lyhgQsr3_6ssf6BwxEETdOI.js
www.google.com/js/th/ Frame 4F23 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/WYTIt-NnTSB_Iq9CaAb1lyhgQsr3_6ssf6BwxEETdOI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f4.1e100.net
Software
sffe /
Resource Hash
5984c8b7e3674d207f22af426806f597286042caf7ffab2c7fa070c4411374e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 01:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20184
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Mar 2025 01:32:49 GMT
sddefault.jpg
i.ytimg.com/vi/4KosNCHMPDQ/ Frame 4F23 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/4KosNCHMPDQ/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f22.1e100.net
Software
sffe /
Resource Hash
457caa203bc49edae6d08c326cf2d90d2357bb1f87da61794358f37e61d2e19b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:26 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40058
x-xss-protection
0
server
sffe
etag
"1626762453"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Mar 2024 09:15:26 GMT
truncated
/ Frame 4F23 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
75oNPQZSnKnc2PmJ9G_7F6VJwpEC3MfYhk7VLpPPhu2oazg4aXyzIYn28z1mnFrQIRCjFNS1_A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4F23 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/75oNPQZSnKnc2PmJ9G_7F6VJwpEC3MfYhk7VLpPPhu2oazg4aXyzIYn28z1mnFrQIRCjFNS1_A=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
fife /
Resource Hash
259e873337a013b4ee71810aa70e1af087908e9539977f7f8c0e1ab4dbd55fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 05:16:16 GMT
x-content-type-options
nosniff
age
7149
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2073
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Mar 2024 05:16:16 GMT
collect
tracy.nordvpn.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracy.nordvpn.com/v1/collect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support.nordvpn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://support.nordvpn.com
access-control-max-age
600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
868463f31b5a6a48-SYD
content-length
0
date
Fri, 22 Mar 2024 07:15:25 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 06:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 22 Mar 2024 07:56:53 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 06:00:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4470
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 22 Mar 2024 08:00:55 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13p3t3p3p5&rnd=516192240.1711091725&url=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&dma_cps=-&dma=0&npa=1&gtm=45He43k0n71WX5CH8v6894354za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-950534254&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b2ad7416559b58d169cafb789fa7bedec551ada44ccfe274e5bf638070b75366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77007
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 07:15:25 GMT
collect
tracy.nordvpn.com/v1/ 		0
302 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracy.nordvpn.com/v1/collect
Requested by
Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nord/tracy/1.18.0/index.js?collectorUrl=https://tracy.nordvpn.com/v1/collect&project=nordvpn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://support.nordvpn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://support.nordvpn.com
access-control-allow-credentials
true
cf-ray
868463f58a95a7e9-SYD
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
5c8da80421c2e88b67fd6c6bd2dba8e1
collect
cm.nordvpn.com/g/ 		0
368 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je43k0v874252800z86894354za200&_p=1711091724132&gcs=G101&gcd=13p3t3p3p5&npa=1&dma_cps=-&dma=0&cid=535897971.1711091725&ul=en-us&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_eu=EA&_s=1&sid=1711091725&sct=1&seg=0&dl=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&dt=NordVPN%20Kill%20Switch%3A%20how%20does%20it%20work%20%E2%80%93%20Live%20Chat%2C%20VPN%20Setup%2C%20Troubleshooting%20%7C%20NordVPN%20Customer%20Support&en=consent_status&_fv=1&_ss=2&ep.consent_status=ignored&ep.consent_settings=ES&ep.placement=cookie_consent&tfd=2739
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
868463f33fffa7e9-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42858496-9&cid=535897971.1711091725&jid=891741822&_u=IEBAAEAAAAAAACAAI~&z=1925246038
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42858496-9&cid=535897971.1711091725&jid=891741822&_u=IEBAAEAAAAAAACAAI~&z=1925246038
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=492349226&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&ul=en-us&de=UTF-8&dt=NordVPN%20Kill%20Switch%3A%20how%20does%20it%20work%20%E2%80%93%20Live%20Chat%2C%20VPN%20Setup%2C%20Troubleshooting%20%7C%20NordVPN%20Customer%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookie_consent&ea=consent_status&el=ignored%2CES&_u=aGDAgUAjAAAAICAEKg~&cid=535897971.1711091725&uid=&tid=UA-42858496-1&_gid=394596909.1711091725&_slc=1&gtm=45He43k0n71WX5CH8v6894354za200&cd10=&cd20=1711091725235.2jd12u3e&cd21=2024-03-22T15%3A15%3A25.235%2B08%3A00&cd22=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd48=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTI4IFNhZmFyaS81MzcuMzYyMDAzMDEwN1dpbjMyODMxMjAwMTYwMA%3D%3D&gcs=G101&gcd=13p3t3p3p5&dma_cps=-&dma=0&cd19=535897971.1711091725&npa=1&z=1670288431
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://support.nordvpn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.nordvpn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=492349226&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&ul=en-us&de=UTF-8&dt=NordVPN%20Kill%20Switch%3A%20how%20does%20it%20work%20%E2%80%93%20Live%20Chat%2C%20VPN%20Setup%2C%20Troubleshooting%20%7C%20NordVPN%20Customer%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookie_consent&ea=widget_loaded&el=ignored%2CES&_u=aGDAgUAjAAAAICAEKg~&cid=535897971.1711091725&uid=&tid=UA-42858496-1&_gid=394596909.1711091725&gtm=45He43k0n71WX5CH8v6894354za200&cd10=&cd20=1711091725258.x72nhrtu&cd21=2024-03-22T15%3A15%3A25.258%2B08%3A00&cd22=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd48=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTI4IFNhZmFyaS81MzcuMzYyMDAzMDEwN1dpbjMyODMxMjAwMTYwMA%3D%3D&gcs=G101&gcd=13p3t3p3p5&dma_cps=-&dma=0&cd19=535897971.1711091725&npa=1&z=831306612
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 20:29:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38747
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=492349226&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&ul=en-us&de=UTF-8&dt=NordVPN%20Kill%20Switch%3A%20how%20does%20it%20work%20%E2%80%93%20Live%20Chat%2C%20VPN%20Setup%2C%20Troubleshooting%20%7C%20NordVPN%20Customer%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUAjBAAAICAEKg~&cid=535897971.1711091725&tid=UA-42858496-1&_gid=394596909.1711091725&gtm=457e43k0za200&gcs=G101&gcd=13p3t3p3p5&dma_cps=-&dma=0&jsscut=1&npa=1&z=407554668
Requested by
Host: support.nordvpn.com
URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 20:29:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38747
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4F23 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 07:15:25 GMT
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin
https://support.nordvpn.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4

Request headers

Referer
Origin
https://support.nordvpn.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin
https://support.nordvpn.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
generate_204
www.youtube.com/ Frame 4F23 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ij41jA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4KosNCHMPDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 22 Mar 2024 07:15:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4F23 		90 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
9634a15bd7e7f25427f9b2b0437ec80a00c7398cfa4c5a592f525d5fb2f4092f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 22 Mar 2024 07:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/122/ Frame 4F23 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/122/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14711
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 16:03:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 23 Mar 2024 07:10:49 GMT
collect
cm.nordvpn.com/g/ 		0
173 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cm.nordvpn.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je43k0v874252800z86894354za200&_p=1711091724132&gcs=G101&gcd=13p3t3p3p5&npa=1&dma_cps=-&dma=0&cid=535897971.1711091725&ul=en-us&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_eu=EA&_s=2&sid=1711091725&sct=1&seg=0&dl=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work&dt=NordVPN%20Kill%20Switch%3A%20how%20does%20it%20work%20%E2%80%93%20Live%20Chat%2C%20VPN%20Setup%2C%20Troubleshooting%20%7C%20NordVPN%20Customer%20Support&en=widget_loaded&ep.consent_status=ignored&ep.consent_settings=ES&ep.placement=cookie_consent&_et=4&tfd=4093
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
868463fb8f55a97a-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
destination
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12123059&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
691bf91f09ec6fd560a5d544358744a550dfbc8c0549861d1913aa88806c28c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:15:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72026
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 07:15:26 GMT
src=12123059;dc_pre=CPPyybSph4UDFf9DwgUdRqAObQ;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;gtm=45fe43k0z86894354za201;gcs=G101;gcd=13p3...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=12123059;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;gtm=45fe43k0z86894354za201;gcs=...
  • https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPPyybSph4UDFf9DwgUdRqAObQ;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPPyybSph4UDFf9DwgUdRqAObQ;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;gtm=45fe43k0z86894354za201;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work?
Protocol
H2
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://support.nordvpn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Mar 2024 07:15:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=12123059;dc_pre=CPPyybSph4UDFf9DwgUdRqAObQ;type=retar0;cat=purea0;ord=7790442422441;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;gtm=45fe43k0z86894354za201;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsupport.nordvpn.com%2Fhc%2Fen-us%2Farticles%2F19509682644369-NordVPN-Kill-Switch-how-does-it-work?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4F23 		28 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/589f1394/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-Goog-Request-Time
1711091728658
Content-Type
application/json
X-YouTube-Utc-Offset
480
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4KosNCHMPDQ
X-YouTube-Client-Version
1.20240317.00.00
X-YouTube-Time-Zone
Australia/Perth
X-Goog-Visitor-Id
CgtPTUlQeE5JNjAydyiM4PSvBjIKCgJBVRIEGgAgYA%3D%3D
X-YouTube-Ad-Signals
dt=1711091724921&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 22 Mar 2024 07:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| ga object| dataLayer function| gtag object| tracy object| __nord_domainList object| I18N object| Zendesk object| HelpCenter object| webpackChunkhelp_center object| regeneratorRuntime object| I18n object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject boolean| isStatusBarHovered object| statusBarUnprotectedElement

16 Cookies

Domain/Path Name / Value
.support.nordvpn.com/ Name: __cfruid
Value: 1c2fd9331db0db17ae3f909bf093de6c4ee59122-1711091724
.nordvpn.zendesk.com/ Name: __cfruid
Value: 1c2fd9331db0db17ae3f909bf093de6c4ee59122-1711091724
.nordvpn.com/ Name: nv_tri
Value: TC_20504194449452662_1711091724535
.support.nordvpn.com/ Name: cf_clearance
Value: MZ9Cy2.tmPFHo.st1b3qjflQ.waty_2_.hc4kvu2QKk-1711091724-1.0.1.1-R6.14uvHyEsQSt48ARIE7wsvHaPngoAYZSUbPeI_gvYHYGifj28Lv5k_j3wecOLuOB78WoUA7vVUfUNnjZdqEg
.nordvpn.com/ Name: _gid
Value: GA1.2.394596909.1711091725
.nordvpn.com/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: w1ONqIO2PPY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: OMIPxNI602w
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJBVRIEGgAgYA%3D%3D
support.nordvpn.com/ Name: nv_trs
Value: 1711091724537_1711091725261_0_0
.nordvpn.com/ Name: _ga
Value: GA1.2.535897971.1711091725
.nordvpn.com/ Name: font-css-en
Value: true
.nordvpn.com/ Name: __cf_bm
Value: mXO9oX.oac.yAUNkyyrSZ3fBqanG.jrOTYpxNGFl0n4-1711091725-1.0.1.1-1of8UQ0G0uTwdml54VsUUU5RzV6QKVPmhrsbOjEALyjzqX95S9vVwl8WCWAfoKLCkQ8Zvpjsn_Xe4OMvpimeSF50P3Pl5uBHsnGHbMiHBko
.nordvpn.com/ Name: _ga_LEXMJ1N516
Value: GS1.1.1711091725.1.1.1711091726.0.0.0
.nordvpn.com/ Name: FirstSession
Value: source%3D(direct)%26campaign%3D(direct)%26medium%3D(none)%26term%3D%26content%3D%26hostname%3Dsupport.nordvpn.com%26date%3D20240322%26query%3Dnull
.nordvpn.com/ Name: CurrentSession
Value: source%3D(direct)%26campaign%3D(direct)%26medium%3D(none)%26term%3D%26content%3D%26hostname%3Dsupport.nordvpn.com%26date%3D20240322%26query%3Dnull

25 Console Messages

Source Level URL
Text
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.nordvpn.com/hc/en-us/articles/19509682644369-NordVPN-Kill-Switch-how-does-it-work
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=259200; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cm.nordvpn.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
nordvpn.zendesk.com
p17.zdassets.com
pagead2.googlesyndication.com
s1.nordcdn.com
static.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
support.nordvpn.com
theme.zdassets.com
tracy.nordvpn.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.208.203
104.16.51.111
104.17.207.237
104.18.70.113
104.18.72.113
104.19.159.190
142.250.66.168
142.250.67.1
142.250.67.10
142.250.67.14
142.251.175.154
172.217.24.34
172.217.24.35
172.217.24.36
172.217.24.38
172.217.24.46
172.217.24.54
000cdaeb0a207c972470a7ff314fcba17c9ee680341b737e04e2601f2c7f9d53
0c0fdc3d7022cec1e834340c8e83357c98e4494d8d13f9fe1ecb73a0008c0979
0c434255179af092069022c277bbdbf168568a92654de30f57116d62a26eb959
0cf6a7c1b044d609083c274ea1cdecdbf1ecd2c84c2e322329ba4adbff381ed9
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
114021b482955189a09d4fc27bbd37b2a17713583088d9c0d73fc73eda33f498
11e968c6d89a11dba44b408c4b30bdd64f4f8c1397c51c92be3989a88fc5def7
1b3b05ad5e6ca9b3090c18ba035f9a4c81424582c5c2c3251e826e30eb586964
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
259e873337a013b4ee71810aa70e1af087908e9539977f7f8c0e1ab4dbd55fe4
361116b744686bc1d69d4b5a673a37e3bbba7f347ca1abb14707439e240cf3d8
3707b45935eaa92da89634aa2e2a340a2ebbd0f08035f7f93fba1c58966a8b3f
38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4
3a3789d87b04629a3296ef99f693037adbb8f5c8c76a0d3d76ed31a54babeb1f
3ac766f4460e894672f491e8d1f53a4059c737b46fe7b824b3eff848a90a8505
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4162231352f88f0904675cef19e9b395f0100dca5db6484ea76b3795f7c2a5af
428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4
42a4914076688cc439ac8dbf82ed794170e03ef887d68d999db2a712d5c8f1ec
432e384398cae3aef622db77136392188a31e6ca48e20606fdbc311716e07387
457caa203bc49edae6d08c326cf2d90d2357bb1f87da61794358f37e61d2e19b
46cbbe7bff0cbb2a5750d9065fbb8b66260a620f6d4fcd40b3617f7b10f55b8c
482ddb997d025e240b52669b92ab944d40d47532098602920bf636ab03412613
5984c8b7e3674d207f22af426806f597286042caf7ffab2c7fa070c4411374e2
59ac6cd177a06d562e967e9e8bfad4de347525143400b68c2cb59480719c6dc2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
674b5cf8d02b7fcdf3274afd0363177c7a5016ad6820b53714fd886da97a38c2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691bf91f09ec6fd560a5d544358744a550dfbc8c0549861d1913aa88806c28c1
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7f919bb8db7a2fe7126380d85836c540c3fc883cc4dff3f44ae1ecc697027a6c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f0bdd85fef21051f9a2592bf767ba112d745949315a860b8d9af9b12ed4e5c
8e5bd1ced33d690040f0556553785d721fe3dd8a441376c88f5f77e1026550ee
8fd79e6f23c0335e42a361c852d5c723ddf4caca13d043f8a37d506cfe2be52e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9634a15bd7e7f25427f9b2b0437ec80a00c7398cfa4c5a592f525d5fb2f4092f
99c8a946f57acad2389e1e2955cd35e0d4cbb76cae99a77dc5288c0269c53dc1
9ad448d0d9672487a2d7821e7c12b092282eb14c395bfcda618d3bc671d9184b
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
a453e0395b07040023cbfc111d724161c5a8f0776abfc1e094e655550f27d199
a6231bb7529593e2a2ae31067363878950393756a285fbc19b8a2f6b53a7d864
ac9b1a79aaf02d16bcb453ee8b61bd3cf9c2f985fd90be07b9876b0591ebabb5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2ad7416559b58d169cafb789fa7bedec551ada44ccfe274e5bf638070b75366
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f
b9cfed476eeaec69caae049fdd4eecb68372fab6907125e4412103e47ee8a8f0
c52dd7b64bd1d45ca8922242c85714561927c3c3b07cccdaeae3fdf66d8b01f5
c85348eb7216378cc2051aa4302df48f967770db741cbb66337aedc006b09f00
ca29399061d31aef72259df4ec495bf63e5a8b5bed86f83f1680934a46e97e25
cb31d9603375dc87cb940c5839ab131e7fe5a95fd01db82124e4a5a5f63904f4
ccdb7b0f4fda59e6ecc2534c3999f70fdca75693cbbd5a6d014bba187f7b7acb
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
d3e9bc168bcafb793c1f88803b8d62bae049d099b4d59eb15117f060ecba8e44
d67566a6d059a005a910e6e8415111a3447eae999f78a42db5c42edbb83351d1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dffbc95b244429f2e6ea25f86b5a4e05bf3592ae04ca6b3ae6a0cddbf7eeb6f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5338dc4e807bbe53f3e659ee50e4c7161bd90220f82075285a9792657860941
ed99f1be8e94c69733b9cfe19fb18d6072501f43b8ca3dde662eb05d27723d96
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f270f4fb19e26c1190c927ffe5a576d83682f655386e42774bb0ec6e1606ed6d
fddf3fc71000c1041d20cb2ae63264f7d94e2d00a48a0472f3d31ac2c25ab7fc
febc8786679a812f7134423f57e93d6b522d1c5ba43df80ab15fbd840c36dfec