vpn-helper.pagla.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vpn-helper.pagla.net/
Submission: On September 07 via automatic, source certstream-suspicious (September 7th 2023, 10:02:58 am UTC) — Scanned from NL

Summary HTTP 31 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 31 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is vpn-helper.pagla.net.
TLS certificate: Issued by E1 on August 14th 2023. Valid for: 3 months.

This is the only time vpn-helper.pagla.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
31	9

14 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

vpn-helper.pagla.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	pagla.net vpn-helper.pagla.net	163 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	216 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180	601 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1977	258 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	83 KB
31	7

	Domain	Requested by
14	vpn-helper.pagla.net	vpn-helper.pagla.net
6	pagead2.googlesyndication.com	vpn-helper.pagla.net pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	vpn-helper.pagla.net
31	8

This site contains links to these domains. Also see Links.

Domain
whatismyipaddress.com
openvpn.net
www.vpngate.net

Subject Issuer	Validity	Valid
pagla.net E1	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://vpn-helper.pagla.net/
Frame ID: 8EF18868F0834331DDAB5DA9CD69E316
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 9F5B398CB97A0E5AC3EDE471391E8C54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6762133396783000&output=html&adk=4071428371&adf=3367429328&lmt=1694073765&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_r&format=0x0&url=https%3A%2F%2Fvpn-helper.pagla.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694080964687&bpp=14&bdt=531&idt=694&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5471845987310&frm=20&pv=2&ga_vid=1942365672.1694080965&ga_sid=1694080966&ga_hid=2138089257&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44801758&oid=2&pvsid=3148086037613672&tmod=1086618835&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=854
Frame ID: DADD1FB39E33DE047C0D1FB9A5BCE999
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F3F2A7DE23568279EF98DD564C7A068
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 255156D13354AEE1032A8972BAC30A1B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VPN Helper

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

31
Requests

94 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

468 kB
Transfer

1149 kB
Size

5
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://whatismyipaddress.com/ip/59.94.158.255
Title: 59.94.158.255

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.119
Title: 219.100.37.119

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.110
Title: 219.100.37.110

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.89
Title: 219.100.37.89

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.87
Title: 219.100.37.87

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.175
Title: 219.100.37.175

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.163
Title: 219.100.37.163

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.165
Title: 219.100.37.165

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.98
Title: 219.100.37.98

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.58
Title: 219.100.37.58

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.212
Title: 219.100.37.212

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.52
Title: 219.100.37.52

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.145
Title: 219.100.37.145

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.189
Title: 219.100.37.189

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.137
Title: 219.100.37.137

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.155
Title: 219.100.37.155

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/124.219.197.64
Title: 124.219.197.64

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/180.199.171.39
Title: 180.199.171.39

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.209
Title: 219.100.37.209

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.83.48.74
Title: 121.83.48.74

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/114.18.77.21
Title: 114.18.77.21

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/27.92.131.166
Title: 27.92.131.166

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.100.37.22
Title: 219.100.37.22

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/221.118.9.81
Title: 221.118.9.81

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/115.36.105.229
Title: 115.36.105.229

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/60.91.183.25
Title: 60.91.183.25

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/106.176.166.126
Title: 106.176.166.126

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/222.12.207.193
Title: 222.12.207.193

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/153.170.146.22
Title: 153.170.146.22

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/183.77.249.120
Title: 183.77.249.120

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/138.64.236.223
Title: 138.64.236.223

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/126.51.199.239
Title: 126.51.199.239

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/119.106.142.137
Title: 119.106.142.137

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/153.221.160.204
Title: 153.221.160.204

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/126.79.168.122
Title: 126.79.168.122

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/14.192.119.148
Title: 14.192.119.148

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/210.194.234.138
Title: 210.194.234.138

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/194.223.240.68
Title: 194.223.240.68

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/119.192.225.36
Title: 119.192.225.36

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.250.61.2
Title: 219.250.61.2

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/1.241.90.38
Title: 1.241.90.38

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/222.98.29.140
Title: 222.98.29.140

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.125.136.55
Title: 121.125.136.55

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/123.215.249.146
Title: 123.215.249.146

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/61.254.117.48
Title: 61.254.117.48

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/211.109.106.115
Title: 211.109.106.115

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.131.201.83
Title: 121.131.201.83

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/175.196.244.82
Title: 175.196.244.82

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/118.223.129.103
Title: 118.223.129.103

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/1.212.13.22
Title: 1.212.13.22

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/221.148.56.54
Title: 221.148.56.54

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/116.47.93.104
Title: 116.47.93.104

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/211.222.128.42
Title: 211.222.128.42

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/211.211.47.159
Title: 211.211.47.159

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/14.53.156.97
Title: 14.53.156.97

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/112.161.199.162
Title: 112.161.199.162

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/14.55.249.71
Title: 14.55.249.71

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/118.41.109.46
Title: 118.41.109.46

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/58.225.140.219
Title: 58.225.140.219

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/61.105.102.249
Title: 61.105.102.249

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/58.124.3.35
Title: 58.124.3.35

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/39.112.18.241
Title: 39.112.18.241

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/218.158.51.10
Title: 218.158.51.10

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/219.240.7.54
Title: 219.240.7.54

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/125.132.101.174
Title: 125.132.101.174

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.170.232.142
Title: 121.170.232.142

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/222.111.174.53
Title: 222.111.174.53

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/61.82.93.235
Title: 61.82.93.235

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/211.211.227.196
Title: 211.211.227.196

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.171.120.147
Title: 121.171.120.147

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/218.50.89.243
Title: 218.50.89.243

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/106.245.216.54
Title: 106.245.216.54

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/118.37.242.174
Title: 118.37.242.174

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.129.46.105
Title: 121.129.46.105

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/211.46.22.50
Title: 211.46.22.50

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/175.205.171.16
Title: 175.205.171.16

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.142.59.100
Title: 121.142.59.100

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/218.39.203.180
Title: 218.39.203.180

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.139.204.226
Title: 121.139.204.226

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/61.42.208.181
Title: 61.42.208.181

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/121.157.175.207
Title: 121.157.175.207

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/77.34.42.73
Title: 77.34.42.73

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/49.228.100.103
Title: 49.228.100.103

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/184.22.14.166
Title: 184.22.14.166

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/171.6.14.214
Title: 171.6.14.214

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/49.228.164.214
Title: 49.228.164.214

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/163.182.174.159
Title: 163.182.174.159

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/76.158.137.201
Title: 76.158.137.201

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/47.149.185.207
Title: 47.149.185.207

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/45.67.97.44
Title: 45.67.97.44

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/97.70.177.112
Title: 97.70.177.112

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/73.145.135.40
Title: 73.145.135.40

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/115.73.161.206
Title: 115.73.161.206

Search URL Search Domain Scan URL

URL: https://whatismyipaddress.com/ip/42.119.10.122
Title: 42.119.10.122

Search URL Search Domain Scan URL

URL: https://openvpn.net/client-connect-vpn-for-windows/
Title: OpenVPN Connect

Search URL Search Domain Scan URL

URL: https://www.vpngate.net/en/
Title: found here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vpn-helper.pagla.net/ 150 KB
9 KB 1165ms
643ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d467f56f4c8354be95b19e685c3b79669f1402f25073d632c02980d493f59c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 802e1e260aef1c78-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 10:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld9Lt%2FxfhTbY%2Be86qo5ngGG0RBoU0FoIhoh5P38%2BmlYb0UkbH8FPp1EP3KTw63KqgnjnFMYRStLN%2BiGYOA7F7a7K263UHb1ID94ghJ%2Fvv9Fl6O0CGQwiIqHwbrB4%2BBsU4Wth2qz5VoEPSt8WzNxoFmChzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 shortcut-instruction.png
vpn-helper.pagla.net/image/ 21 KB
21 KB 721ms
683ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/shortcut-instruction.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd53d0d783d9c121a741846978c5fed32bb8578cbfa3365d4bf71dc294446300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Jul 2021 20:46:04 GMT
server: cloudflare
etag: W/"60ef4d0c-531f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvHjzY9c6%2B%2Bx3eekpV7MO91OyB%2FGFSV2ECllydF23pWK80yXkiEcIZzAI4fIBuBXvfgfPTt99hErvjBJySFeQtHDe3YaFpghIxgKOHcZ%2FiIXD2xH2EPpNMQGx5My7WCtNn%2BK8RI3%2FLGDvSLaIYxFhMPGjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f881c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcut-credential.png
vpn-helper.pagla.net/image/ 50 KB
50 KB 757ms
721ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/shortcut-credential.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5401e1fc2a91536ee16fcbdf4870eb3384a34b8ddc850154bba6aa28d2d27d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Jul 2021 20:49:28 GMT
server: cloudflare
etag: W/"60ef4dd8-c84e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BJdGXgRDtFESi%2BXnDgRe%2BD%2FAzw4r6I1ohIaFAscbHZOHh59RKfP%2FD80TKtEneL5ROYi4rOJbk8pmeMUZ8APCy4gJfjogX20652AhW9MsFd8eCbdOIOm7WZcqakhDfSABtRLWA7%2FKpAuw0ad1UDkUw16lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f8a1c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcut-disclaimer.png
vpn-helper.pagla.net/image/ 4 KB
5 KB 500ms
465ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/shortcut-disclaimer.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a25316294c4953385eaa31b3944f74ea59cd2890a4e45d34b5661eb7a5954342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Jul 2021 20:47:38 GMT
server: cloudflare
etag: W/"60ef4d6a-11a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv5wzrKq%2FvTSZFPOCEDQXivbPt2qrk9V7BW%2BiUxKO9AJQxhS77ylu3zeABEkZmPoIg3gEwKOYA5mnB4DP4J7%2FBwtYywozL6Kmnf66CDfbOlYX%2FHx9eh3pAsqAcyEImP5kShcItt57Rp4amr3OhbWC6QZfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f8c1c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 reload.png
vpn-helper.pagla.net/image/icon/ 26 KB
27 KB 734ms
702ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/reload.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb4312b6f8a53e1dd6502992f8848881cf087301484e9ff1de33a86c0678358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 10:36:20 GMT
server: cloudflare
etag: W/"60ed6ca4-69c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63ufxoYopevFSlr5tJtIByfcpN8BRdwX3kfB%2FGrXJOFUCSAi1iOva9OWwhMXZpVeInMrrKdxLNg3co48mkdrTeSu8we5xQcogj19L2jQ9Go7zk7YwS94idV4VbelbmKA4wszmeXPbml2Ud9xvxFSDONUKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f8d1c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 india.png
vpn-helper.pagla.net/image/icon/flag/ 1 KB
1 KB 553ms
523ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/india.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d403c9117caa9f3cd8f083b86648a5b1cfb7dd1bc80273afa5e6024a3f0745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Dec 2009 01:32:42 GMT
server: cloudflare
etag: W/"4b2d7eba-437"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CRgqI4rA%2FVytHGI6FqtfWWKceddKooqgV3wBFRRTpqcNjVJNmhCjrUhMwGSoV66kDY0VeZj2Hi5lEIrb4ocUhgSGCxU8AWhs1P%2F4yf9mTpyurwOmoUII2blc%2FI5GQMEwV4mYgCBHe1Modq8cl2SJL1CfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f8e1c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 download.png
vpn-helper.pagla.net/image/icon/ 11 KB
11 KB 495ms
479ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/download.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e4aa20d12f72b6f7793d7e1a7e35bbf62d79f070cd6747ad8d99e0cdd76264b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 10:35:40 GMT
server: cloudflare
etag: W/"60ed6c7c-2a73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aD1Fk7Z5E61H5HhO8J%2BAtaNWOuOjbQnlfRQjZhzyhUrLH9kn%2BEl1hUCadWtx5yCe%2FjdCmn1%2BKVHwf9ci%2FnvdetlO0rRUZ08fAse2oW9I6uohAhTYFlCG3Q5Grdg8XCYo1KoBX1n05BXiHTUlFvmgcEv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f901c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 japan.png
vpn-helper.pagla.net/image/icon/flag/ 875 B
1 KB 488ms
472ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/japan.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344df330450132db4fe8210679df09f55edb83186d4dcae5395224fa7e4a6c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Dec 2009 01:33:44 GMT
server: cloudflare
etag: W/"4b2d7ef8-36b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3P%2FkSAtBp0jc3jSkK%2FlLojYP6Ql4lCd7eMs8dP8mKW4ydFH4cVCwrWtToeeAV4murVqv1ZI0oYHMex7EfwbXI69jLCj8pihXj6fh%2FwDuqHxyb67u0PNBDjqJx%2FXDFZwc%2BYjEbvVWutj7tQIsy2LQn31GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f931c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 republic_of_korea.png
vpn-helper.pagla.net/image/icon/flag/ 1 KB
2 KB 530ms
515ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/republic_of_korea.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba3c4d4aa5d0d069697d3ec27fe84ac45988cad4f2368b7545defbb94edcb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Feb 2010 02:17:08 GMT
server: cloudflare
etag: W/"4b81e924-500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpjgvfDksHVqwvHVVcH6IxfTT5ywXsgGfiYpx2RlBdkRNYCeZXMf1t8jnubIN1jCKpvJAFGcXPwEFFH4jHW5RP6%2BwBdzNrH%2FUA6HrmaEMSnj%2BqeEFdgMNzEFDNvqeoIaeUl2Ikqlo6DeIaqZRQftDZj3cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2a8f951c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET main.css
vpn-helper.pagla.net/style/ 0
0

GET phone.css
vpn-helper.pagla.net/style/ 0
0

GET
H2 200 russian_federation.png
vpn-helper.pagla.net/image/icon/flag/ 968 B
1 KB 466ms
464ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/russian_federation.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c61a451e8f40ac648d47643c24a594d5e1057cac75b1788ee0e5e22ef3e205d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Dec 2009 12:04:30 GMT
server: cloudflare
etag: W/"4b2e12ce-3c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bj2azKmRDuGBafeahfeEcAc%2FA3kvXovoOlODHw6Z5DpdGxxYhy7NfChzhmyWSQTdg%2FUCxpd6%2Bdy06Je4Dgc1EZ4PXRdK%2BIRGPfEhwQaev9mN%2Bef%2FZgUXGrlfq2Ogaf1VIh4XOcBYT6FBi00EfAMhdxyHAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2aafb61c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thailand.png
vpn-helper.pagla.net/image/icon/flag/ 662 B
989 B 459ms
458ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/thailand.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7938c1142ee0dbcf2ceb25a95cee5fd14cdadf9097b38ea7ef51c3b1d6a45450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Apr 2010 01:56:06 GMT
server: cloudflare
etag: W/"4bcfacb6-296"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2MUJrrEL9YW0yF5LW%2BbEntLhquFcuOU1K5dSexqyyaQaDj1gi2F3AcwfeTV55Ci4jGVxXOjaUwV8NdtPM1z7%2BrG4Uj3L9iZf8l6BFXrsZcmtKpf77JgrlubB%2BfAh1qIUq5cyJkJTlsEwCp1lhJe1zKmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2aafb81c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 united_states_of_america.png
vpn-helper.pagla.net/image/icon/flag/ 1 KB
2 KB 472ms
471ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/united_states_of_america.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cf28d1f1ba550ba142a7216575be1b50cb07ea76e5d712c1c7c64f3656efa39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Dec 2009 01:26:34 GMT
server: cloudflare
etag: W/"4b2d7d4a-525"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKfXJpDSqEBCCibDUwkUFUVRq%2Bm7MX82ybQTn%2Fp9CwqDN2MRUiTkOI7prgY0amlLJjwrUpwSJMa%2Bydfhce4xpvkA6as6duvH04d60I%2BJ0QGpTvE%2BVYUfDr2hAuJ9OfY2IFzmt2IuCTivoeDgLyac5HnO9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2abfbf1c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viet_nam.png
vpn-helper.pagla.net/image/icon/flag/ 904 B
1 KB 509ms
508ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/flag/viet_nam.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

378ff60858ded9df6527a92c273bd10cec16e46d184be843f21d6784e3846e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Apr 2010 21:12:10 GMT
server: cloudflare
etag: W/"4bdb47aa-388"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iql%2Fgrz9zYSdbMJQPEpU2trcC7fLTPyJYGwVrjXOYeQMm8tehehrOExBMCxoAAmKO1DxIX0gIiCvOKPgbILXeIPpjbLwgBWuyx7PfNsej18c1V%2FPF1%2FJiQiQ%2BSgs0t4o1llEHSNy85vj9xuk%2BEvCxYcPfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2abfc11c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openvpn.png
vpn-helper.pagla.net/image/icon/ 30 KB
30 KB 714ms
713ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn-helper.pagla.net/image/icon/openvpn.png

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f86c1d67e316f8d69b65ad8eb1a2320815bb00a9cd7aa56c99dd95fa4f33e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 10:48:38 GMT
server: cloudflare
etag: W/"60ed6f86-76b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etQOsOoLqVAkQWFuZOL49bkb%2BI2oQpiGz76U%2BijxC5jNfX96BR0Z16cy59iWF8qIrz9U5SYmnefX9iBOL%2Fekw7d3lgl9xmIkuxl8pilqeSm%2FHennENpBlrlmalhdp64y%2F8ekvPIkPE10mEKyv39ogqbcEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 802e1e2abfc21c78-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
83 KB 252ms
102ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBL3J3SB2G

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea399ad1ffdc6b059b0577a0005c26bfc421a6fa3ebf87d2eb528682cd75a897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 10:02:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 280ms
126ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vpn-helper.pagla.net
URL: https://vpn-helper.pagla.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

377be9ee3161594590eaa630ff4d4f0b524120065df9e0bbbd453cc36512524e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpn-helper.pagla.net/
Origin: https://vpn-helper.pagla.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50400
x-xss-protection: 0
server: cafe
etag: 16417274565728462047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 10:02:44 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 377 KB
128 KB 259ms
160ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6762133396783000&plah=vpn-helper.pagla.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35cbe9f93b4e1213cae521045bc2447ebbb622ca1029b20977d747d06c524b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131260
x-xss-protection: 0
server: cafe
etag: 430202420211464283
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 10:02:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 9F5B 10 KB
5 KB 152ms
46ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpn-helper.pagla.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 41071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 22:38:13 GMT
etag: 8554266389219770021
expires: Wed, 20 Sep 2023 22:38:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 98ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBL3J3SB2G&gtm=45je3960h2&_p=2138089257&cid=1942365672.1694080965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694080964&sct=1&seg=0&dl=https%3A%2F%2Fvpn-helper.pagla.net%2F&dt=VPN%20Helper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBL3J3SB2G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 10:02:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vpn-helper.pagla.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 138ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vpn-helper.pagla.net&callback=_gfp_s_&client=ca-pub-6762133396783000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6762133396783000&plah=vpn-helper.pagla.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cc5f7b928095c43e9703f46d4d8eeec48bc0872df69c2067c4d30f60367114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DADD 603 B
245 B 239ms
207ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6762133396783000&output=html&adk=4071428371&adf=3367429328&lmt=1694073765&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_r&format=0x0&url=https%3A%2F%2Fvpn-helper.pagla.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694080964687&bpp=14&bdt=531&idt=694&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5471845987310&frm=20&pv=2&ga_vid=1942365672.1694080965&ga_sid=1694080966&ga_hid=2138089257&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44801758&oid=2&pvsid=3148086037613672&tmod=1086618835&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=854

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpn-helper.pagla.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 10:02:45 GMT
expires: Thu, 07 Sep 2023 10:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 116ms
94ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05783c9e6b6b9e59e0e97f02d52e84712096fc2d772956fefbf6f06fa304ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11687
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 704ms
234ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 10:02:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F3F 13 KB
5 KB 394ms
78ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpn-helper.pagla.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 09:24:28 GMT
expires: Fri, 06 Sep 2024 09:24:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2551 829 B
1 KB 395ms
82ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce2a4b14da01a84e65b53bc2148f55064c252487d3286daa2ea9a0fed611cfbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hzHow7JKVLsdCY_Y7MfEzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vpn-helper.pagla.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-hzHow7JKVLsdCY_Y7MfEzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 10:02:48 GMT
expires: Thu, 07 Sep 2023 10:02:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2551 0
0 155ms
155ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=3148086037613672&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F3F 37 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 09:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 09:24:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F3F 0
10 B 104ms
103ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mM81Ug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:02:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 249ms
152ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=3148086037613672&bg=!6eql6qXNAAa6D61Rmg87ADQBe5WfOH5UIOng9qoXXCoAlKbaVd3BPYF3DCn8OsMJnEn7ambOB74cRiq9k652ir-1socbAgAAAjRSAAAANWgBBwoAXS5m1Wfst2S8W-xCFcn3HGKfj3sgEofLdwk_jBWJGLLoO6omCeTn0hXnWgL2d377XWjvKFGysotQez8fnmZFj1DZmh1to1h4bcF8tHlYH2BskV9ojtElUgOC-SX7XJkCwIuuQr1oLz1BSjsZBVA2-wKDtDu_d1Pxj-bI5F225VGXXagfHa94agERv0DANMpntKSujnbmti73sjkQM8wbRwim6KGn9nB8duvVzSNPLzpFD49-Re52uKjpF9q-vLbiYUBBHZkwLPtF_nSXN3lkQkqvqQJin3mgeajNLUSmV9Wiri7w-paGJ-iFHrFN41m5tet0PkgOxUzdLawpVOuZ0oE6n3XdM47i6BBNL-AAOyp4zakC7yJQCoZxMQRC7_WgvMlB_P7bzCNBAgXrInDdPDE93ftkKePY1-9saPmTH5C-NiT9ANMaluJaV-qaPgd1CaQx3MmCd1Ta_WvOx48OVajEleXRpEG__wFfYpiSsD_seIyKwrHS3NOMw_fdf3gW6KoO_NiTU0ageWtYwirAlaHcjll3d6xwXJXdzd_ZjH7GBgfaXbjdm0wbepLCbCQCea3pAtBNyiIhvdqkyHd1g7szrvp4CnvbVNcwUB0vDMV3dSHVv-lnQD4hm9EKiqU1tVzzixJ0QN-JeG1GK-r6zKG-AiCgbmIoi4Z1lABC6Krb076povw89EGjYdRpU24JrjV6-EIE8rO4HYM-ahL0N7mW4JL-eLZmtOmWZvKexSDrUpHwlAqe9ebw-OQnzgwdP8r_LogpTS8CnKOWCmuQCVp6gFgjUQ7yoklvxpDVnqNBE-e-nntlCCAvYFkd9yPmNkAdncFtBSBD-Q-uRGvkzO9j3Rq_snDldSfw9Yrtn9vhUqgbFGvQQRFwx9_TadAli10t6q4MF4_0HrGv9rRotBQEeNUMU8Fim5ORAuwFsD3HrTrCrg4gJ9vu49fkdOPH2HiDKjQfaLWlEXI15f_xcChxXf-bOdro6Ibl2bVk6b3TQOBibCX0jfBBtj7IA7P3a1WupciomT5s7sEnfY01VzYXzaGOtMBIQKi7T77IXc3T
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpn-helper.pagla.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vpn-helper.pagla.net
URL: http://vpn-helper.pagla.net/style/main.css

Domain: vpn-helper.pagla.net
URL: http://vpn-helper.pagla.net/style/phone.css

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pagla.net/	1970-01-21 00:10:40	Name: _ga_CBL3J3SB2G Value: GS1.1.1694080964.1.0.1694080964.0.0.0
.pagla.net/	1970-01-21 00:10:40	Name: _ga Value: GA1.1.1942365672.1694080965
.pagla.net/	1970-01-20 23:56:16	Name: __gads Value: ID=403fb99179d2b735-22e3df766ade0053:T=1694080965:RT=1694080965:S=ALNI_MZBDuPMDu0kLnCuS2KlwhlGcszVqA
.pagla.net/	1970-01-20 23:56:16	Name: __gpi Value: UID=00000d90a8cbce49:T=1694080965:RT=1694080965:S=ALNI_MY_Qo2KvVxD-8VdVa-2VnViNQvpDA
.doubleclick.net/	1970-01-20 14:34:41	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://vpn-helper.pagla.net/(Line 24) Message: Mixed Content: The page at 'https://vpn-helper.pagla.net/' was loaded over HTTPS, but requested an insecure stylesheet 'http://vpn-helper.pagla.net/style/main.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://vpn-helper.pagla.net/(Line 25) Message: Mixed Content: The page at 'https://vpn-helper.pagla.net/' was loaded over HTTPS, but requested an insecure stylesheet 'http://vpn-helper.pagla.net/style/phone.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://vpn-helper.pagla.net/(Line 34) Message: Mixed Content: The page at 'https://vpn-helper.pagla.net/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://vpn-helper.pagla.net/?Mode=HTML&Order=S.Country%20ASC,%20S.Speed&OrderBy=DESC'. This endpoint should be made available over a secure connection.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
vpn-helper.pagla.net
www.google.com
www.googletagmanager.com
vpn-helper.pagla.net
2001:4860:4802:34::36
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a06:98c1:3120::3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05783c9e6b6b9e59e0e97f02d52e84712096fc2d772956fefbf6f06fa304ef23
0c61a451e8f40ac648d47643c24a594d5e1057cac75b1788ee0e5e22ef3e205d
0e4aa20d12f72b6f7793d7e1a7e35bbf62d79f070cd6747ad8d99e0cdd76264b
17d403c9117caa9f3cd8f083b86648a5b1cfb7dd1bc80273afa5e6024a3f0745
344df330450132db4fe8210679df09f55edb83186d4dcae5395224fa7e4a6c9e
35cbe9f93b4e1213cae521045bc2447ebbb622ca1029b20977d747d06c524b3c
377be9ee3161594590eaa630ff4d4f0b524120065df9e0bbbd453cc36512524e
378ff60858ded9df6527a92c273bd10cec16e46d184be843f21d6784e3846e77
3d467f56f4c8354be95b19e685c3b79669f1402f25073d632c02980d493f59c3
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
5401e1fc2a91536ee16fcbdf4870eb3384a34b8ddc850154bba6aa28d2d27d07
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cc5f7b928095c43e9703f46d4d8eeec48bc0872df69c2067c4d30f60367114b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7938c1142ee0dbcf2ceb25a95cee5fd14cdadf9097b38ea7ef51c3b1d6a45450
8f86c1d67e316f8d69b65ad8eb1a2320815bb00a9cd7aa56c99dd95fa4f33e00
9cf28d1f1ba550ba142a7216575be1b50cb07ea76e5d712c1c7c64f3656efa39
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a25316294c4953385eaa31b3944f74ea59cd2890a4e45d34b5661eb7a5954342
bbb4312b6f8a53e1dd6502992f8848881cf087301484e9ff1de33a86c0678358
bd53d0d783d9c121a741846978c5fed32bb8578cbfa3365d4bf71dc294446300
ce2a4b14da01a84e65b53bc2148f55064c252487d3286daa2ea9a0fed611cfbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea399ad1ffdc6b059b0577a0005c26bfc421a6fa3ebf87d2eb528682cd75a897
fba3c4d4aa5d0d069697d3ec27fe84ac45988cad4f2368b7545defbb94edcb0c

vpn-helper.pagla.net Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

31 Requests

94 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

9 IPs

2 Countries

468 kBTransfer

1149 kBSize

5 Cookies

96 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

vpn-helper.pagla.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

94 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

468 kB
Transfer

1149 kB
Size

5
Cookies

31 HTTP transactions
0 data transactions