tails.com Open in urlscan Pro
2606:4700:10::6816:3083 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://txt.monadre.com/cert.cfm?b425ed7d21W84T4Ci%2bhHewFornTuNnKS%2fi0cwoVlhKP2dntuBk54z6ePIlEvsgKtzJ5ugnlpHpmLT4W7pIm...
Effective URL:
https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1...
Submission: On April 16 via api (April 16th 2021, 9:37:04 am UTC) from BE

Summary HTTP 69 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 27 domains to perform 69 HTTP transactions. The main IP is 2606:4700:10::6816:3083, located in United States and belongs to CLOUDFLARENET, US. The main domain is tails.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.

This is the only time tails.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.116.16.235 217.116.16.235	16371 (ACENS_AS ...) (ACENS_AS (Spain) Hosting)
1 1	217.116.16.234 217.116.16.234	16371 (ACENS_AS ...) (ACENS_AS (Spain) Hosting)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 16	2606:4700:10:... 2606:4700:10::6816:3083	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:aa24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
10	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	99.84.156.98 99.84.156.98	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e8:ae00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	184.30.21.80 184.30.21.80	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.248.165.94 34.248.165.94	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	65.9.76.192 65.9.76.192	16509 (AMAZON-02) (AMAZON-02)
1	99.84.156.56 99.84.156.56	16509 (AMAZON-02) (AMAZON-02)
2	34.251.104.84 34.251.104.84	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	52.1.89.209 52.1.89.209	14618 (AMAZON-AES) (AMAZON-AES)
2	23.23.127.240 23.23.127.240	14618 (AMAZON-AES) (AMAZON-AES)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	3.88.94.204 3.88.94.204	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
69	29

1 217.116.16.235 (Fuenlabrada, Spain) 1 redirects

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: 217-116-16-235.redes.acens.net

txt.monadre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.116.16.234 (Fuenlabrada, Spain) 1 redirects

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: 217-116-16-234.redes.acens.net

prs.arkeero.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6816:3083 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:aa24 (United States)

ASN13335 (CLOUDFLARENET, US)

o8y.tails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-98.txl52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:ae00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-80.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.165.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-165-94.eu-west-1.compute.amazonaws.com

collector-1211.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.76.192 (United States)

ASN16509 (AMAZON-02, US)

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-56.txl52.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.104.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-104-84.eu-west-1.compute.amazonaws.com

the.sciencebehindecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.89.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-89-209.compute-1.amazonaws.com

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.23.127.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-127-240.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.88.94.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-94-204.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tails.com 1 redirects tails.com o8y.tails.com	264 KB
10	prismic.io images.prismic.io	217 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	google.de www.google.de	234 B
3	google.com www.google.com	234 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
3	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	45 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	103 KB
2	facebook.com www.facebook.com	275 B
2	snapchat.com tr.snapchat.com	313 B
2	sciencebehindecommerce.com the.sciencebehindecommerce.com	5 KB
2	zenaps.com www.zenaps.com	997 B
2	tvsquared.com collector-1211.tvsquared.com	9 KB
2	facebook.net connect.facebook.net	96 KB
1	twitter.com analytics.twitter.com	285 B
1	sessioncam.com ws.sessioncam.com	420 B
1	t.co t.co	170 B
1	cloudfront.net d2oh4tlt9mrke9.cloudfront.net	60 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	dwin1.com www.dwin1.com	7 KB
1	sc-static.net sc-static.net	6 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	71 KB
1	awin1.com 1 redirects www.awin1.com	874 B
1	arkeero.net 1 redirects prs.arkeero.net	797 B
1	monadre.com 1 redirects txt.monadre.com	40 B
69	27

	Domain	Requested by
16	tails.com	1 redirects tails.com
10	images.prismic.io	tails.com
4	www.google-analytics.com	www.googletagmanager.com tails.com
3	www.google.de	tails.com
3	www.google.com	tails.com
2	errors.client.optimizely.com	tails.com
2	www.facebook.com	tails.com connect.facebook.net
2	tr.snapchat.com	tails.com
2	heapanalytics.com	tails.com
2	tr.outbrain.com	amplify.outbrain.com tails.com
2	stats.g.doubleclick.net	tails.com
2	the.sciencebehindecommerce.com	www.dwin1.com tails.com
2	www.zenaps.com	www.dwin1.com www.zenaps.com
2	collector-1211.tvsquared.com	tails.com
2	connect.facebook.net	tails.com connect.facebook.net
1	analytics.twitter.com	static.ads-twitter.com
1	ws.sessioncam.com	tails.com
1	t.co	tails.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.heapanalytics.com	tails.com
1	d2oh4tlt9mrke9.cloudfront.net	tails.com
1	static.ads-twitter.com	tails.com
1	amplify.outbrain.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.optimizely.com	o8y.tails.com
1	www.googletagmanager.com	tails.com
1	o8y.tails.com	tails.com
1	www.awin1.com	1 redirects
1	prs.arkeero.net	1 redirects
1	txt.monadre.com	1 redirects
69	32

This site contains links to these domains. Also see Links.

Domain
be.trustpilot.com
help.tails.com
uk.trustpilot.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
o8y.tails.com Cloudflare Inc ECC CA-3	`2020-08-24` - `2021-08-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
imgix5.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.tvsquared.com Amazon	`2020-09-29` - `2021-10-29`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2020-08-06` - `2021-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
ws.sessioncam.com Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Frame ID: CAC8D54F4BC82B7408601200B48EA87F
Requests: 65 HTTP requests in this frame

Frame: https://www.zenaps.com/alt.php?mid=21359&sv=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Frame ID: C57812BB699560E21F8A8A34A2EE9EA9
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=77df5df5-9d6e-470d-994d-f55526a0b83b
Frame ID: 1E9A0F8D82E852A7A81C2D58674A53E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://txt.monadre.com/cert.cfm?b425ed7d21W84T4Ci%2bhHewFornTuNnKS%2fi0cwoVlhKP2dntuBk54z6ePIlEvsgK... HTTP 302
https://prs.arkeero.net/aff_c?offer_id=15619&aff_id=1859&file_id=20805&url_id=36924&idpers=15619&idc... HTTP 302
https://www.awin1.com/cread.php?awinmid=21359&awinaffid=655073&clickref=7EF877D1EEE413455386BD09FA... HTTP 302
http://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affilia... HTTP 301
https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affilia... Page URL

Detected technologies

CFML (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

69
Requests

100 %
HTTPS

42 %
IPv6

27
Domains

32
Subdomains

29
IPs

5
Countries

925 kB
Transfer

2477 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://be.trustpilot.com/review/tails.com
Title:

Search URL Search Domain Scan URL

URL: https://help.tails.com/hc/en-be
Title: Help

Search URL Search Domain Scan URL

URL: https://uk.trustpilot.com/review/tails.com
Title: Trustpilot

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tailsBE/

Search URL Search Domain Scan URL

URL: https://twitter.com/tailsdogfood

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tails.com_be/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://txt.monadre.com/cert.cfm?b425ed7d21W84T4Ci%2bhHewFornTuNnKS%2fi0cwoVlhKP2dntuBk54z6ePIlEvsgKtzJ5ugnlpHpmLT4W7pIm0XubZXVVA%2fM0OLjhMqW2qqxq%2fKhJ3%2bCzwHNb6tanM%2bP5JFN5Ti7NxiKa4qDYGJA9yAwFeFo%2fViBkqEdxZcidBp7MZk%2fRCeyDR0efgFCjAtgW8RdMyO2m%2bwVfWK8na1XSc9RcsJUjvTgEd30Sh0eyK7qy05qXFoG%2fxSGeTZ%2fkGJ3uAAPgoHMA8l9kNJbXgFP2C7Jxfqvo0AbKjYBJ457yn4haqjIFJgOZ9kLoFXT6H4hnxWeL95jeQX6idu6bcBGxbp%2biVLKc0%2bEYKnsMKq07uIC%2b8Q6WACY3QVsDBcl%2bIb8Mw%3d%3dd28a840221&hid=5 HTTP 302
https://prs.arkeero.net/aff_c?offer_id=15619&aff_id=1859&file_id=20805&url_id=36924&idpers=15619&idcal=647802&ipcosm=195.133.55.46&perm=2021-04-14&sub_id5=lucdegraeve@hotmail.com&sub_id6=2021-04-14&ips=REL_M367_E3_C2&sub_id8=1-94beacda0ea24ba98e7be50c6fe51a6e&id_vegas=-1&dom=hotmail.com&sub_id7=HOTMAIL.COM&idh=39574 HTTP 302
https://www.awin1.com/cread.php?awinmid=21359&awinaffid=655073&clickref=7EF877D1EEE413455386BD09FA06EEA7 HTTP 302
http://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1 HTTP 301
https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tails.com/be/lp/2wf-dogfood-1euro/
Redirect Chain

https://txt.monadre.com/cert.cfm?b425ed7d21W84T4Ci%2bhHewFornTuNnKS%2fi0cwoVlhKP2dntuBk54z6ePIlEvsgKtzJ5ugnlpHpmLT4W7pIm0XubZXVVA%2fM0OLjhMqW2qqxq%2fKhJ3%2bCzwHNb6tanM%2bP5JFN5Ti7NxiKa4qDYGJA9yAwFe...
https://prs.arkeero.net/aff_c?offer_id=15619&aff_id=1859&file_id=20805&url_id=36924&idpers=15619&idcal=647802&ipcosm=195.133.55.46&perm=2021-04-14&sub_id5=lucdegraeve@hotmail.com&sub_id6=2021-04-14...
https://www.awin1.com/cread.php?awinmid=21359&awinaffid=655073&clickref=7EF877D1EEE413455386BD09FA06EEA7
http://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_16...
https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1...

28 KB
5 KB

87ms
86ms

Document
text/html

2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5565bddeccfc7febd4ae893f5032841cfe8804aaefd1a6ed1cdb394defdaf2ca

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tails.com
:scheme: https
:path: /be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 15 Apr 2021 16:26:18 GMT
etag: W/"6078692a-14f5"
expires: Fri, 16 Apr 2021 10:36:36 GMT
cache-control: max-age=3600
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
cf-cache-status: MISS
cf-request-id: 097ba3287f00004e1f20026000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 640c6e20c82c4e1f-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Fri, 16 Apr 2021 09:36:35 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Set-Cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; expires=Sun, 16-May-21 09:36:35 GMT; path=/; domain=.tails.com; HttpOnly; SameSite=Lax
Location: https://tails.com:443/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
CF-Cache-Status: MISS
cf-request-id: 097ba3283b0000c29a46b2f000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 640c6e205d55c29a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 montserrat-regular.woff2
tails.com/static/fonts/Montserrat/ 13 KB
14 KB 25ms
24ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/Montserrat/montserrat-regular.woff2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://tails.com
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:19 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651cf-358c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 097ba328dd00004ddc3e37a000000001
accept-ranges: bytes
cf-ray: 640c6e2169754ddc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 montserrat-semibold.woff2
tails.com/static/fonts/Montserrat/ 13 KB
14 KB 25ms
24ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/Montserrat/montserrat-semibold.woff2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
:path: /static/fonts/Montserrat/montserrat-semibold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13464
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:19 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651cf-3498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 097ba328dd00004ddc56383000000001
accept-ranges: bytes
cf-ray: 640c6e2169794ddc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 montserrat-light.woff2
tails.com/static/fonts/Montserrat/ 13 KB
14 KB 22ms
21ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/Montserrat/montserrat-light.woff2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
:path: /static/fonts/Montserrat/montserrat-light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13560
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:19 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651cf-34f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 097ba328dd00004ddc42318000000001
accept-ranges: bytes
cf-ray: 640c6e21697a4ddc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 jeffscript.woff2
tails.com/static/fonts/JeffScript/ 98 KB
99 KB 26ms
25ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/JeffScript/jeffscript.woff2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca23773dd4bf46922200e40b31cbedf7d237f19b320309f32e8e62f87086f420

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
:path: /static/fonts/JeffScript/jeffscript.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343337
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100588
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:20 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651d0-188ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 097ba328dd00004ddcf63a4000000001
accept-ranges: bytes
cf-ray: 640c6e21697c4ddc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 main.e49563d5ed4fb7539503.css
tails.com/discovery/css/ 77 KB
11 KB 47ms
46ms Stylesheet
text/css 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css

Requested by

Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d51ad19c3d412835c6ddfe7b51c5a45077513cf94d0f113dc78aeb37353d0115

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/css/main.e49563d5ed4fb7539503.css
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1987327
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 24 Mar 2021 09:31:55 GMT
server: cloudflare
etag: W/"605b070b-2ac7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba328de00004ddc46852000000001
cf-ray: 640c6e2169854ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 vendor.e49563d5ed4fb7539503.js Show response
tails.com/discovery/js/ 299 KB
81 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bfbbee718f8105165c2270290f298a58aa7fa91fc8a0f20621ca24d1e9eea66

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/js/vendor.e49563d5ed4fb7539503.js
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1987327
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 24 Mar 2021 09:31:55 GMT
server: cloudflare
etag: W/"605b070b-1530e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba328df00004ddc063fc000000001
cf-ray: 640c6e2169864ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 main.e49563d5ed4fb7539503.js Show response
tails.com/discovery/js/ 22 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/discovery/js/main.e49563d5ed4fb7539503.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca26861e1fc3466685ab6de61861ec7928387f0a625eecd87a47d08266d0d0e

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/js/main.e49563d5ed4fb7539503.js
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1987327
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 24 Mar 2021 09:31:55 GMT
server: cloudflare
etag: W/"605b070b-186f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba328df00004ddc0e218000000001
cf-ray: 640c6e2169874ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 18649652273 Show response
o8y.tails.com/edge-client/v1/18131751344/ 29 KB
10 KB 36ms
36ms Script
application/javascript 2606:4700::6811:aa24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://o8y.tails.com/edge-client/v1/18131751344/18649652273
Requested by: Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cffc6df1f70cee9adde63e7d762e56d54520b1baa13400397bdfbc0e2a1630

Request headers

Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 640c6e2169834e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097ba328df00004e97d418b000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 378 KB
71 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6304ee07e8d09be451e94f15671364c037ab2cadee9dce36b7e40309abfb21a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72610
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Apr 2021 09:36:36 GMT

GET
H3-29 200 logo-tm.svg
tails.com/static/images/svgs/logos/ 8 KB
4 KB 16ms
16ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/static/images/svgs/logos/logo-tm.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0264d9ad44f32f05534a6ba89ef11366da56f7c1a3ecfb91e01df2daf1b0471b

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/svgs/logos/logo-tm.svg
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"604651d0-1e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 097ba3291400004ddc3b874000000001
cf-ray: 640c6e21ba504ddc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 BE-square.png
tails.com/static/images/country-flags/ 222 B
664 B 23ms
21ms Image
image/png 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/static/images/country-flags/BE-square.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0f4c9ec280e401b5de9a94e26a5150072324dd1d187a950e3dfe14cf37b281

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/country-flags/BE-square.png
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; discovery=8c8c86b4-8a9f-43be-8fa1-9de986509fb2; optimizelyEndUserId=oeu1618565796068r0.5026209238896833
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1321123
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:20 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651d0-de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 097ba3295d00004ddc568c2000000001
accept-ranges: bytes
cf-ray: 640c6e222b474ddc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 00faa962-8df6-4d34-b3fc-96288394ede2_trustpilot.png
images.prismic.io/tails/ 23 KB
23 KB 9ms
7ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails/00faa962-8df6-4d34-b3fc-96288394ede2_trustpilot.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4612edea704ad5c7ee1fb610a0a4edf8e2187c6b2da27c29c591946a20fd719f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Nov 2020 15:21:41 GMT
server: imgix
age: 4303596
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 7e8eb2b97a7ad079f69a08146c78db3cafc11d6a
accept-ranges: bytes
content-length: 23450
x-served-by: cache-sjc10048-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2Ff46b7076-5459-4045-9e9a-0995b7c5ffd2_1.png
images.prismic.io/ 2 KB
2 KB 8ms
6ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2Ff46b7076-5459-4045-9e9a-0995b7c5ffd2_1.png?auto=compress,format

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

99a2ff9bfd20d0001989afba39ff03b2d137cfd8450ef71db2e9c3385df62f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 02:29:55 GMT
server: imgix
age: 1840000
vary: Accept, User-Agent
x-cache: MISS, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 72df0403b3373d91c4d54b6c3d164eb09c5fdad5
accept-ranges: bytes
content-length: 1736
x-served-by: cache-sjc10041-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2Fde85f971-b34d-4ee4-89e0-350cf0d25081_2.png
images.prismic.io/ 2 KB
2 KB 11ms
9ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2Fde85f971-b34d-4ee4-89e0-350cf0d25081_2.png?auto=compress,format

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d9c27e5090a6b9afca63d09efe6f5d07be1e0b3cbb64b5268ee0742071955656

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Thu, 15 Apr 2021 02:36:59 GMT
server: imgix
age: 111574
vary: Accept, User-Agent
x-cache: MISS, HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 3ea1bea042fd4c0b1e737c45ef46e53b667f4138
accept-ranges: bytes
content-length: 1890
x-served-by: cache-sjc10036-SJC, cache-sjc10065-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2Fb170e21e-e9d2-4ec2-b7b1-14799ddbd0d4_3.png
images.prismic.io/ 2 KB
2 KB 11ms
9ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2Fb170e21e-e9d2-4ec2-b7b1-14799ddbd0d4_3.png?auto=compress,format

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7c55744b07e3d84bcb25c3ce67567cdac0f19a2adc9a1a5f9074389a8b024124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:17:33 GMT
server: imgix
age: 1865943
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 2d5a5a61cdbf99a3e32a40d3698d4f3f1c9467f3
accept-ranges: bytes
content-length: 1944
x-served-by: cache-sjc10026-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2F11006674-a056-4592-959f-7e6b960c5209_body_05.jpg
images.prismic.io/ 12 KB
12 KB 10ms
8ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2F11006674-a056-4592-959f-7e6b960c5209_body_05.jpg?auto=compress,format&rect=0,0,400,400&w=400&h=400

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6721044c5beb0370a1eb21ff558e3f35f8e83be5c1bdcefab8f343fe711ef3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Apr 2021 18:34:04 GMT
server: imgix
age: 486151
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: ac878dd96741868bc87e248ba0c79dfd42071082
accept-ranges: bytes
content-length: 12408
x-served-by: cache-sjc10044-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2F90e56465-7293-4f45-bab0-3d3d3c19c340_homepage+options+-+mobile+-+01.jpg
images.prismic.io/ 20 KB
20 KB 8ms
7ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2F90e56465-7293-4f45-bab0-3d3d3c19c340_homepage+options+-+mobile+-+01.jpg?auto=compress,format&rect=100,0,400,400&w=400&h=400

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a9b14a6e93188ab4af14d6c1e1dfe3cac4ae2c4cd91d585a69123fc8b9e09789

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 22:30:49 GMT
server: imgix
age: 1335947
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 2a4aec02069727c04ee7a919dc54b02e27910df7
accept-ranges: bytes
content-length: 20520
x-served-by: cache-sjc10040-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2Fa663b83b-98c1-434b-bf72-da0f1409f724_home_feature_3.jpg
images.prismic.io/ 9 KB
9 KB 11ms
6ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2Fa663b83b-98c1-434b-bf72-da0f1409f724_home_feature_3.jpg?auto=compress,format&rect=74,0,620,620&w=400&h=400

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

de9fc9399e0e4333282a6209e25003350e11ce0273eddf471819e37c9a3c7106

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:21:51 GMT
server: imgix
age: 3712484
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 82e05ab64dd144f6dcbd519d83ef7a8067d03df0
accept-ranges: bytes
content-length: 9274
x-served-by: cache-sjc10024-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2Fc8cac127-5eb9-43e6-b2d6-e8e28e8e96b0_body_image02.jpg
images.prismic.io/ 13 KB
13 KB 12ms
7ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2Fc8cac127-5eb9-43e6-b2d6-e8e28e8e96b0_body_image02.jpg?auto=compress,format&rect=479,0,3192,3192&w=400&h=400

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

610082e2b690d27cb6d828943a4fbfbe1cc06a2009caee8f295bee6213761618

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 15:51:11 GMT
server: imgix
age: 3779124
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: fa3c2a5cc4cf11e264abe53882821a37e91e98ce
accept-ranges: bytes
content-length: 12888
x-served-by: cache-sjc10040-SJC, cache-hhn4037-HHN

GET
H2 200 tails%2Fef04afc5-1a01-477d-847e-df313d462966_home_feature_5.jpg
images.prismic.io/ 30 KB
30 KB 9ms
6ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2Fef04afc5-1a01-477d-847e-df313d462966_home_feature_5.jpg?auto=compress,format&rect=90,0,620,620&w=400&h=400

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8fcc972a6b87ce2e2d4c3ad00178f47673b91f09aa5eeae5b78b69f27e8bbf1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Mar 2021 11:45:37 GMT
server: imgix
age: 2325057
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 28e850698c3c6f218f1adee2b17340244fc43e63
accept-ranges: bytes
content-length: 30770
x-served-by: cache-sjc10024-SJC, cache-hhn4037-HHN

GET
H2 200 2665_89f46943fbc3412f51bf876da496fd590c24f41b2f02805ec1df0231e533e1dd_edge_helper.js Show response
cdn.optimizely.com/public/18131751344/18649652273/ 389 KB
102 KB 8ms
7ms Script
text/javascript 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/18131751344/18649652273/2665_89f46943fbc3412f51bf876da496fd590c24f41b2f02805ec1df0231e533e1dd_edge_helper.js

Requested by

Host: o8y.tails.com
URL: https://o8y.tails.com/edge-client/v1/18131751344/18649652273

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

89f46943fbc3412f51bf876da496fd590c24f41b2f02805ec1df0231e533e1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: uf9FRgfFasurskFMJFif5crkcyIApeDT
content-encoding: gzip
etag: "e5662deb046a4ae64b5f82a0bc2e82b6"
x-amz-request-id: THN64DQFNYSG2BYJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2665
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 103850
x-amz-id-2: 6ztAZ98ipK8rrmShG9QvZgtUsvLq+e/vST6s+1oRZ0Go1zd9QNk3Og2C3zx9L7J3p/Tebb6CoWo=
last-modified: Wed, 14 Apr 2021 13:16:12 GMT
server: AmazonS3
date: Fri, 16 Apr 2021 09:36:36 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3-29 200 281057528d658da4a053e049d747b3e6.svg
tails.com/discovery/ 269 B
966 B 17ms
16ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/discovery/281057528d658da4a053e049d747b3e6.svg

Requested by

Host: tails.com
URL: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c588ddd2e651f26c524dee025c5028d8b971295d2750e7ceb7c4707cc27cde16

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/281057528d658da4a053e049d747b3e6.svg
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; discovery=8c8c86b4-8a9f-43be-8fa1-9de986509fb2; optimizelyEndUserId=oeu1618565796068r0.5026209238896833; pc=DISCOUNTBE; awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:43:36 GMT
server: cloudflare
etag: W/"60465438-10d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba3296e00004ddc258e2000000001
cf-ray: 640c6e224b734ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 04887503e83d32010f218a2eb74f34d3.svg
tails.com/discovery/ 961 B
1 KB 15ms
15ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/discovery/04887503e83d32010f218a2eb74f34d3.svg

Requested by

Host: tails.com
URL: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadadbf2ee4c9781a863be276eebbc56b4c5e158c9e546c0ce32ca90bc4bc93f

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/04887503e83d32010f218a2eb74f34d3.svg
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; discovery=8c8c86b4-8a9f-43be-8fa1-9de986509fb2; optimizelyEndUserId=oeu1618565796068r0.5026209238896833; pc=DISCOUNTBE; awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343336
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:43:36 GMT
server: cloudflare
etag: W/"60465438-236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba3296e00004ddc0e225000000001
cf-ray: 640c6e224b754ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tails%2F2dda68a8-b46e-4f68-929b-601275765e06_190626_tails_landingpage%28walter%2Bbag%2Bbowl%29desktop.jpg
images.prismic.io/ 103 KB
103 KB 7ms
6ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/tails%2F2dda68a8-b46e-4f68-929b-601275765e06_190626_tails_landingpage%28walter%2Bbag%2Bbowl%29desktop.jpg?auto=compress,format&rect=142,0,2275,1422&w=2560&h=1600

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

768bb5d81a1aa63bca4dfa8f45bccf4ca967238fdbdc8e60fbb3c5dc4c164133

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Apr 2021 08:04:40 GMT
server: imgix
age: 1128715
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: e7aea6981d08321d20e656f4d070ef47f5e3c877
accept-ranges: bytes
content-length: 105678
x-served-by: cache-sjc10024-SJC, cache-hhn4037-HHN

GET
H3-29 200 fda1f7c095f4168feda5668e8526b582.svg
tails.com/discovery/ 410 B
1 KB 26ms
25ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/discovery/fda1f7c095f4168feda5668e8526b582.svg

Requested by

Host: tails.com
URL: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84b7a707cbda77b0b30740e191da1e711820fe40203866d2e7e2e5074e0ce45

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/fda1f7c095f4168feda5668e8526b582.svg
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; discovery=8c8c86b4-8a9f-43be-8fa1-9de986509fb2; optimizelyEndUserId=oeu1618565796068r0.5026209238896833; pc=DISCOUNTBE; awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343178
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:43:37 GMT
server: cloudflare
etag: W/"60465439-131"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba3297100004ddc6dac6000000001
cf-ray: 640c6e224b814ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 9ed02d5cc1f763cae209ef4d6935f857.svg
tails.com/discovery/ 816 B
1 KB 41ms
38ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/discovery/9ed02d5cc1f763cae209ef4d6935f857.svg

Requested by

Host: tails.com
URL: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f187087b6282aad1cf02583b9379c8a4a68a8d542a143e6a7da70aa796ddb848

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/9ed02d5cc1f763cae209ef4d6935f857.svg
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; discovery=8c8c86b4-8a9f-43be-8fa1-9de986509fb2; optimizelyEndUserId=oeu1618565796068r0.5026209238896833; pc=DISCOUNTBE; awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343178
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:43:36 GMT
server: cloudflare
etag: W/"60465438-202"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba3297300004ddcfb205000000001
cf-ray: 640c6e225b834ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 705859c6519ea08b794cbadfe9f4bdf2.svg
tails.com/discovery/ 2 KB
2 KB 22ms
19ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/discovery/705859c6519ea08b794cbadfe9f4bdf2.svg

Requested by

Host: tails.com
URL: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3edd00c505d5e871db5fd345c815e47ae5c3e5798fec9b6d8b67b405ab8d166

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/705859c6519ea08b794cbadfe9f4bdf2.svg
pragma: no-cache
cookie: __cfduid=d592dadc5a411fc003b64a932d355df201618565795; discovery=8c8c86b4-8a9f-43be-8fa1-9de986509fb2; optimizelyEndUserId=oeu1618565796068r0.5026209238896833; pc=DISCOUNTBE; awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/discovery/css/main.e49563d5ed4fb7539503.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3343178
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:43:37 GMT
server: cloudflare
etag: W/"60465439-35a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 097ba3297400004ddc1f8fe000000001
cf-ray: 640c6e225b864ddc-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6187
date: Fri, 16 Apr 2021 07:53:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 16 Apr 2021 09:53:29 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 35ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 09:36:36 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 14 KB
6 KB 70ms
66ms Script
application/javascript 99.84.156.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-98.txl52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: TXL52-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5720
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-amz-cf-id: gD1hdtaqkUfWmKROdp0cmgkKVETrOqeuPLazttbTBtJ8EFteULre0g==

GET
H2 200 21359.js Show response
www.dwin1.com/ 21 KB
7 KB 18ms
15ms Script
application/javascript 2600:9000:20e8:ae00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/21359.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:ae00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 022054038e16030a29a946fa15ce8599cbf035308b56893843a5d7ea7bd6b293

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: K1cX15_8QgkA60x0Y.eDedSS7MWivx2h
content-encoding: gzip
etag: W/"9679c7ebbc9f4e5164c77dcf1603a36f"
age: 24
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 13:55:54 GMT
server: AmazonS3
date: Fri, 16 Apr 2021 09:36:13 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: mn4WAy2nCVkjzbFGynxHaaT_OMPuD3RK6ZzUrMKuXxPLvFH7ZJD6Ug==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 46ms
41ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 09:36:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Mar 2021 12:03:44 GMT
Server: AkamaiNetStorage
ETag: "c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Fri, 16 Apr 2021 09:56:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23960
x-fb-rlafr: 0
pragma: public
x-fb-debug: IAoYs4T5/yR1udIIU1I+XKjBCTG1LcSXFTJWVWQdsZXmCvDaRarUarHexkUwdQnDsgm+Inbg4qw/RNg1R2X4JA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 16 Apr 2021 09:36:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-1211.tvsquared.com/ 20 KB
9 KB 41ms
39ms Script
application/javascript 34.248.165.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-1211.tvsquared.com/tv2track.js
Requested by: Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.165.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-165-94.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 09:36:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 11:09:16 GMT
Server: nginx
ETag: "604b4bdc-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 16 Apr 2021 09:46:36 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 24ms
21ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 31509
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1618565796.349357,VS0,VE0
x-served-by: cache-hhn11583-HHN

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 265 KB
60 KB 24ms
22ms Script
text/javascript 65.9.76.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.76.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a814c74e56b667b815cb2e5e660d742921dfe114201d1f7b82fdf935a0929abc

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CGbteLpbbwjs_EHUAU7OLwZu1sGzfW7d
Content-Encoding: gzip
ETag: "ae638b37a143047a103c0ed33efcb749"
Age: 2309
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 60768
Last-Modified: Tue, 30 Mar 2021 13:01:15 GMT
Server: AmazonS3
Date: Fri, 16 Apr 2021 08:58:08 GMT
Content-Type: text/javascript
Via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
Cache-Control: max-age=14400
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: DP0BhFn5LWCcelNsg1OAq3k5e41SdeIOrOLqdqSqhZymyDhiERy2zA==

GET
H2 200 heap-1810697393.js Show response
cdn.heapanalytics.com/js/ 115 KB
44 KB 38ms
38ms Script
application/javascript 99.84.156.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1810697393.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.156.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-156-56.txl52.r.cloudfront.net

Software

nginx /

Resource Hash

3464e60dcf4485dd320e0b101970c4e9c6de1d996710958c7b7a57e8a70398b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:34:40 GMT
content-encoding: gzip
server: nginx
age: 116
etag: W/"1cae1-Rsd2Q2ACvAInfQAkpWmpDw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: TXL52-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: fH1yIakR-Ngqg_lydXVJt9So3PdKBM4KOzTb-IdvEAvPN26SXN2V9w==

GET
H/1.1 200
OK alt.php Show response
www.zenaps.com/ Frame C578 155 B
509 B 59ms
58ms Document
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zenaps.com/alt.php?mid=21359&sv=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/21359.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

e6737e3f5f522bac2448209aaf935a8d02b3abb6ad8a2a0defe3d9228ddd2502

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.zenaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tails.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tails.com/

Response headers

Content-Type: text/html
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 16 Apr 2021 09:36:36 GMT
Content-Length: 141
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200 d9core Show response
the.sciencebehindecommerce.com/ 11 KB
4 KB 38ms
37ms Script
application/javascript 34.251.104.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/d9core
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/21359.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.104.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-104-84.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 455387980b67d9db826feaab9a764351e9791e15cada8249a83bcf39489232d8

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 09:36:36 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5081bddacaee651b68e0a4f07183080d
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: the.sciencebehindecommerce.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3601

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-52363535-1&cid=206782851.1618565796&jid=538553095&gjid=2027084149&_gid=1078923517.1618565796&_u=YGBAgEABAAAAAE~&z=1132774454

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 09:36:36 GMT
content-type: text/plain
access-control-allow-origin: https://tails.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1676643167&t=pageview&_s=1&dl=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&ul=en-us&de=UTF-8&dt=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=538553095&gjid=2027084149&cid=206782851.1618565796&tid=UA-52363535-1&_gid=1078923517.1618565796&gtm=2wg4725ZNT7J&cg1=%2Fbe%2Flp%2F2wf-dogfood-1euro%2F&z=1088226921

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:05:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84671
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 372ms
95ms Script
application/javascript 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00ed65814a24de0af6fa7ef101affc24ae
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
X-TraceId: 31a35334b3a86be5f713f4b2ae4aaaba
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 394ms
99ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00ed65814a24de0af6fa7ef101affc24ae&obApiVersion=1.0-gtm&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&optOut=false&bust=09883617859734106
Requested by: Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 09:36:36 GMT
Cache-Control: no-cache
X-TraceId: 3f855be12d1a82a65e4e7e2d2db90f91
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966987607/ 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966987607/?random=1618565796409&cv=9&fst=1618565796409&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&tiba=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a1cc451d04454387a43e590d8e19718cf0a6de86ab9b322043b04083e95917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-1211.tvsquared.com/ 42 B
361 B 36ms
36ms Image
image/gif 34.248.165.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-1211.tvsquared.com/tv2track.php?action_name=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&idsite=TV-81728181-1&rec=1&r=977524&h=11&m=36&s=36&url=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&_id=c1ff50e982ac267b&_idts=1618565796&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=87
Requested by: Host: tails.com
URL: https://tails.com/be/lp/2wf-dogfood-1euro/?pc=DISCOUNTBE&utm_source=arkeero&utm_medium=affiliate&utm_campaign=2WF1&pc=DEF50&utm_source=default&utm_medium=affiliate&utm_campaign=50off1st&awc=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.165.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-165-94.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 09:36:36 GMT
Server: nginx
Connection: keep-alive
Request-Id: 3c28a326-1764-4a27-8b93-3566f1bd13a9
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

GET
H3-29 200 318797374943753 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/318797374943753?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f5eb521e7232eed8400d6669959747ea13ac36637f8d21fd0c7e2fd6358477b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74124
x-fb-rlafr: 0
pragma: public
x-fb-debug: n1l4vqWqS4iqB7XxtytPPi/Enk5jFT4LJzzmB4KDmtydb2gH6WF6TXc4pWoxWTI/lG3BG0x+M60eLNb/EhsLLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 16 Apr 2021 09:36:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 136ms
135ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nyges&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Fri, 16 Apr 2021 09:36:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 16624ced2c90370b8793d24bc6bd3854
x-transaction: 00f0837d002de127
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-52363535-1&cid=206782851.1618565796&jid=538553095&_u=YGBAgEABAAAAAE~&z=330286162

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
24ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-52363535-1&cid=206782851.1618565796&jid=538553095&_u=YGBAgEABAAAAAE~&z=330286162

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.aspx Show response
ws.sessioncam.com/Record/ 38 B
420 B 105ms
105ms XHR
text/javascript 52.1.89.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&jsver=588&originalUrl=https://tails.com&sse=1618565796449&inTg=a&acr=0
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.89.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-89-209.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 2830867807021a4db8d48ee9b8600cc327446ae435c0df30a2701fe4bb93dd77

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 09:36:36 GMT
Server: Kestrel
Content-Type: text/javascript
Access-Control-Allow-Origin: https://tails.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 38
Expires: -1

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 102ms
102ms Image
image/gif 23.23.127.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1810697393&u=6888686698898920&v=5896733776338948&s=3870758651834384&b=web&tv=4.0&z=0&h=%2Fbe%2Flp%2F2wf-dogfood-1euro%2F&q=%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&d=tails.com&t=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&us=arkeero&um=affiliate&ua=2WF1&ts=1618565796476&st=1618565796478

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.127.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-127-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 103ms
102ms Image
image/gif 23.23.127.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1810697393&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1618565796478&hv=4.14.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.127.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-127-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H/1.1 200 lgc Show response
the.sciencebehindecommerce.com/ 0
564 B 60ms
60ms XHR
text/plain 34.251.104.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/lgc
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.104.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-104-84.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 16 Apr 2021 09:36:35 GMT
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://tails.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/966987607/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966987607/?random=1618565796409&cv=9&fst=1618563600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&tiba=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&async=1&fmt=3&is_vtc=1&random=2612372538&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/966987607/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966987607/?random=1618565796409&cv=9&fst=1618563600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&tiba=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&async=1&fmt=3&is_vtc=1&random=2612372538&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1E9A 0
41 B 27ms
26ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=77df5df5-9d6e-470d-994d-f55526a0b83b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=77df5df5-9d6e-470d-994d-f55526a0b83b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tails.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tails.com/

Response headers

server: nginx/1.17.3
date: Fri, 16 Apr 2021 09:36:36 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=318797374943753&ev=PageView&dl=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&rl=&if=false&ts=1618565796501&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618565796499.55240579&it=1618565796426&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 09:36:36 GMT

GET
H/1.1 200
OK 21359.gif
www.zenaps.com/m/ Frame C578 43 B
488 B 60ms
60ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/m/21359.gif

Requested by

Host: www.zenaps.com
URL: https://www.zenaps.com/alt.php?mid=21359&sv=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.zenaps.com/alt.php?mid=21359&sv=21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 09:36:36 GMT
Allow: GET
ETag: 21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: max-age=0
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
272 B 54ms
53ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=77df5df5-9d6e-470d-994d-f55526a0b83b&ev=PAGE_VIEW&pl=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&ts=1618565796507&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=272d9aca-dcde-4ef6-b218-ef28b7fa0d4e&m_sl=886&m_rd=933&m_pi=612&m_ic=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
235 B 102ms
101ms XHR
text/plain 3.88.94.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.94.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-94-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://tails.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 16 Apr 2021 09:36:36 GMT
Content-Type: text/plain

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
285 B 147ms
147ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nyges&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 16 Apr 2021 09:36:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0bc06e1edca80a97b3b60dd3a48c1fa0
x-transaction: 0078b7d8000fb794
expires: Tue, 31 Mar 1981 05:00:00 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 105ms
105ms Preflight
text/plain 3.88.94.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.88.94.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-94-204.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://tails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://tails.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Fri, 16 Apr 2021 09:36:36 GMT
Content-Length: 13
Connection: keep-alive

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1676643167&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&ul=en-us&de=UTF-8&dt=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scrolling&ea=percentage&el=scrolled-10-percent&_u=aGDAAEABAAAAAG~&jid=355584202&gjid=776359568&cid=206782851.1618565796&tid=UA-52363535-1&_gid=1078923517.1618565796&_r=1&gtm=2wg4725ZNT7J&z=1471547401

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tails.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1676643167&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftails.com%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1&ul=en-us&de=UTF-8&dt=tails.com%20%7C%202%20Weeks%20Free%20%7C%20tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scrolling&ea=percentage&el=scrolled-25-percent&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=206782851.1618565796&tid=UA-52363535-1&_gid=1078923517.1618565796&gtm=2wg4725ZNT7J&z=493515730

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:05:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84671
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-52363535-1&cid=206782851.1618565796&jid=355584202&gjid=776359568&_gid=1078923517.1618565796&_u=aGDAAEABAAAAAG~&z=1962248862

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 09:36:36 GMT
content-type: text/plain
access-control-allow-origin: https://tails.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-52363535-1&cid=206782851.1618565796&jid=355584202&_u=aGDAAEABAAAAAG~&z=508306314

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 16ms
16ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-52363535-1&cid=206782851.1618565796&jid=355584202&_u=aGDAAEABAAAAAG~&z=508306314

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 09:36:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKX6trKZFN2RhYHO3

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 16 Apr 2021 09:36:37 GMT
content-type: text/plain
access-control-allow-origin: https://tails.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.snapchat.com/	1970-01-20 02:57:41	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIIMqc5wjiFRxvq8lIzxTFCpkXQ1in5Hkxxoah2G0wOnxttH4SKF8oMgAAAA==
.tails.com/	1970-01-19 17:36:07	Name: _hp2_ses_props.1810697393 Value: %7B%22us%22%3A%22arkeero%22%2C%22um%22%3A%22affiliate%22%2C%22ua%22%3A%222WF1%22%2C%22ts%22%3A1618565796476%2C%22d%22%3A%22tails.com%22%2C%22h%22%3A%22%2Fbe%2Flp%2F2wf-dogfood-1euro%2F%22%2C%22q%22%3A%22%3Fpc%3DDISCOUNTBE%26utm_source%3Darkeero%26utm_medium%3Daffiliate%26utm_campaign%3D2WF1%26pc%3DDEF50%26utm_source%3Ddefault%26utm_medium%3Daffiliate%26utm_campaign%3D50off1st%26awc%3D21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1%22%7D
tails.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: nyf1uecb2mxbhsir1xqnssft
.tails.com/	1970-01-19 19:45:41	Name: _fbp Value: fb.1.1618565796499.55240579
.tails.com/	1970-01-20 03:04:03	Name: _hp2_id.1810697393 Value: %7B%22userId%22%3A%226888686698898920%22%2C%22pageviewId%22%3A%225896733776338948%22%2C%22sessionId%22%3A%223870758651834384%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.tails.com/	1970-01-20 03:05:52	Name: _scid Value: 272d9aca-dcde-4ef6-b218-ef28b7fa0d4e
tails.com/	1970-01-20 11:07:17	Name: _tq_id.TV-81728181-1.e219 Value: c1ff50e982ac267b.1618565796.0.1618565796..
.tails.com/	1970-01-19 19:45:41	Name: _gcl_au Value: 1.1.1964576651.1618565796
.tails.com/	1969-12-31 23:59:59	Name: awc Value: 21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
.tails.com/	1970-01-19 17:36:05	Name: _dc_gtm_UA-52363535-1 Value: 1
.tails.com/	1970-01-20 02:21:41	Name: _aw_m_21359 Value: 21359_1618565795_2deae7d4434fbe0848c20f6838e48ce1
.tails.com/	1970-01-19 21:55:17	Name: optimizelyEndUserId Value: oeu1618565796068r0.5026209238896833
.tails.com/	1970-01-19 17:37:32	Name: _gid Value: GA1.2.1078923517.1618565796
.tails.com/	1970-01-20 11:07:17	Name: _ga Value: GA1.2.206782851.1618565796
.tails.com/	1970-01-19 18:19:17	Name: __cfduid Value: d592dadc5a411fc003b64a932d355df201618565795
tails.com/	1970-01-20 02:21:41	Name: discovery Value: 8c8c86b4-8a9f-43be-8fa1-9de986509fb2
tails.com/	1970-01-19 17:36:06	Name: outbrain_cid_fetch Value: true
.tails.com/	1969-12-31 23:59:59	Name: pc Value: DISCOUNTBE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tails.com/discovery/js/vendor.e49563d5ed4fb7539503.js(Line 43) Message: _ +----------------------------------------------+ ,:'/ _..._ \| We are hiring! https://tails.com/gb/careers/ \| // ( `""-.._.' +----------------------------------------------+ \\| / 6\___ / \| 6 4 \| / \_ .--' (_'---'`) / `'---`() ,' \| , .'` \| ) _.-' ; / \| .'` _ / /' / .' '. , \| / / / \ ; \| \| \| \ \| \| .\| \| \| \ `"\| /.-' \| \| \| '-..-\ _.;.._ \| \|.;-. \ <`.._ )) \| .;-. )) (__. ` ))-' \_ ))' `'--"` `"""`

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.twitter.com
cdn.heapanalytics.com
cdn.optimizely.com
collector-1211.tvsquared.com
connect.facebook.net
d2oh4tlt9mrke9.cloudfront.net
errors.client.optimizely.com
googleads.g.doubleclick.net
heapanalytics.com
images.prismic.io
o8y.tails.com
prs.arkeero.net
sc-static.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tails.com
the.sciencebehindecommerce.com
tr.outbrain.com
tr.snapchat.com
txt.monadre.com
ws.sessioncam.com
www.awin1.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.zenaps.com
104.111.239.217
104.244.42.195
104.244.42.197
142.250.185.98
184.30.21.80
199.232.136.157
217.116.16.234
217.116.16.235
23.23.127.240
2600:9000:20e8:ae00:f:8ce2:fb80:93a1
2606:4700:10::6816:3083
2606:4700::6811:aa24
2a00:1450:4001:802::2004
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9a
2a02:26f0:7100:19a::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::720
3.88.94.204
34.248.165.94
34.251.104.84
35.186.226.184
52.1.89.209
64.202.112.191
65.9.76.192
99.84.156.56
99.84.156.98
022054038e16030a29a946fa15ce8599cbf035308b56893843a5d7ea7bd6b293
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
0264d9ad44f32f05534a6ba89ef11366da56f7c1a3ecfb91e01df2daf1b0471b
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
06a1cc451d04454387a43e590d8e19718cf0a6de86ab9b322043b04083e95917
0a0f4c9ec280e401b5de9a94e26a5150072324dd1d187a950e3dfe14cf37b281
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18cffc6df1f70cee9adde63e7d762e56d54520b1baa13400397bdfbc0e2a1630
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2830867807021a4db8d48ee9b8600cc327446ae435c0df30a2701fe4bb93dd77
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ca26861e1fc3466685ab6de61861ec7928387f0a625eecd87a47d08266d0d0e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3464e60dcf4485dd320e0b101970c4e9c6de1d996710958c7b7a57e8a70398b7
455387980b67d9db826feaab9a764351e9791e15cada8249a83bcf39489232d8
4612edea704ad5c7ee1fb610a0a4edf8e2187c6b2da27c29c591946a20fd719f
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
5565bddeccfc7febd4ae893f5032841cfe8804aaefd1a6ed1cdb394defdaf2ca
5bfbbee718f8105165c2270290f298a58aa7fa91fc8a0f20621ca24d1e9eea66
610082e2b690d27cb6d828943a4fbfbe1cc06a2009caee8f295bee6213761618
6304ee07e8d09be451e94f15671364c037ab2cadee9dce36b7e40309abfb21a7
6721044c5beb0370a1eb21ff558e3f35f8e83be5c1bdcefab8f343fe711ef3b8
6f5eb521e7232eed8400d6669959747ea13ac36637f8d21fd0c7e2fd6358477b
768bb5d81a1aa63bca4dfa8f45bccf4ca967238fdbdc8e60fbb3c5dc4c164133
7c55744b07e3d84bcb25c3ce67567cdac0f19a2adc9a1a5f9074389a8b024124
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f46943fbc3412f51bf876da496fd590c24f41b2f02805ec1df0231e533e1dd
8fcc972a6b87ce2e2d4c3ad00178f47673b91f09aa5eeae5b78b69f27e8bbf1a
99a2ff9bfd20d0001989afba39ff03b2d137cfd8450ef71db2e9c3385df62f3b
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a814c74e56b667b815cb2e5e660d742921dfe114201d1f7b82fdf935a0929abc
a9b14a6e93188ab4af14d6c1e1dfe3cac4ae2c4cd91d585a69123fc8b9e09789
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
c588ddd2e651f26c524dee025c5028d8b971295d2750e7ceb7c4707cc27cde16
c84b7a707cbda77b0b30740e191da1e711820fe40203866d2e7e2e5074e0ce45
ca23773dd4bf46922200e40b31cbedf7d237f19b320309f32e8e62f87086f420
cadadbf2ee4c9781a863be276eebbc56b4c5e158c9e546c0ce32ca90bc4bc93f
d51ad19c3d412835c6ddfe7b51c5a45077513cf94d0f113dc78aeb37353d0115
d9c27e5090a6b9afca63d09efe6f5d07be1e0b3cbb64b5268ee0742071955656
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9fc9399e0e4333282a6209e25003350e11ce0273eddf471819e37c9a3c7106
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3edd00c505d5e871db5fd345c815e47ae5c3e5798fec9b6d8b67b405ab8d166
e6737e3f5f522bac2448209aaf935a8d02b3abb6ad8a2a0defe3d9228ddd2502
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f187087b6282aad1cf02583b9379c8a4a68a8d542a143e6a7da70aa796ddb848
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

tails.com Open in urlscan Pro 2606:4700:10::6816:3083 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

42 %IPv6

27 Domains

32 Subdomains

29 IPs

5 Countries

925 kBTransfer

2477 kBSize

18 Cookies

6 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tails.com Open in urlscan Pro
2606:4700:10::6816:3083 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

42 %
IPv6

27
Domains

32
Subdomains

29
IPs

5
Countries

925 kB
Transfer

2477 kB
Size

18
Cookies

69 HTTP transactions
0 data transactions