www.privateinternetaccess.com Open in urlscan Pro
104.18.14.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.atk.media/winterpia.html?ref=techgisto
Effective URL:
https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Submission: On May 19 via api (May 19th 2023, 12:20:34 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 16 domains to perform 54 HTTP transactions. The main IP is 104.18.14.49, located in and belongs to CLOUDFLARENET, US. The main domain is www.privateinternetaccess.com. The Cisco Umbrella rank of the primary domain is 45681.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 19th 2022. Valid for: a year.

This is the only time www.privateinternetaccess.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a05:d014:275... 2a05:d014:275:cb01::c8	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2 14	104.18.14.49 104.18.14.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
19	2606:4700::68... 2606:4700::6812:a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.69.127 3.5.69.127	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6814:10e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	52.218.28.67 52.218.28.67	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
54	16

1 2a05:d014:275:cb01::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

go.atk.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.14.49 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.privateinternetaccess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-cms.privateinternetaccess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6812:a0b (United States)

ASN13335 (CLOUDFLARENET, US)

lplandmedia.supreme.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.69.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

nitool.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6814:10e (United States)

ASN13335 (CLOUDFLARENET, US)

assets.cyberghostvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.28.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	supreme.tools lplandmedia.supreme.tools	950 KB
14	privateinternetaccess.com 2 redirects www.privateinternetaccess.com — Cisco Umbrella Rank: 45681 assets-cms.privateinternetaccess.com — Cisco Umbrella Rank: 926240	172 KB
5	cyberghostvpn.com assets.cyberghostvpn.com	111 KB
4	amazonaws.com nitool.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com	402 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6080	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	358 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 696	30 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 885	46 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1480	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1323	8 KB
1	atk.media go.atk.media	840 B
54	16

	Domain	Requested by
19	lplandmedia.supreme.tools	www.privateinternetaccess.com
12	www.privateinternetaccess.com	2 redirects www.privateinternetaccess.com static.cloudflareinsights.com
5	assets.cyberghostvpn.com	www.privateinternetaccess.com
3	s3-eu-west-1.amazonaws.com	www.privateinternetaccess.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	assets-cms.privateinternetaccess.com	www.privateinternetaccess.com
2	www.googletagmanager.com	www.privateinternetaccess.com www.googleoptimize.com
1	www.google.de	www.privateinternetaccess.com
1	www.google.com	www.privateinternetaccess.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.cloudflareinsights.com	www.privateinternetaccess.com
1	cdnjs.cloudflare.com	www.privateinternetaccess.com
1	code.jquery.com	www.privateinternetaccess.com
1	nitool.s3-eu-west-1.amazonaws.com	www.privateinternetaccess.com
1	www.googleoptimize.com	www.privateinternetaccess.com
1	alb.reddit.com	go.atk.media
1	www.redditstatic.com	go.atk.media
1	go.atk.media
54	18

This site contains links to these domains. Also see Links.

Domain
fra.privateinternetaccess.com
deu.privateinternetaccess.com
dnk.privateinternetaccess.com
ita.privateinternetaccess.com
jpn.privateinternetaccess.com
nld.privateinternetaccess.com
nor.privateinternetaccess.com
bra.privateinternetaccess.com
rus.privateinternetaccess.com
mex.privateinternetaccess.com
pol.privateinternetaccess.com
kor.privateinternetaccess.com
tur.privateinternetaccess.com
tha.privateinternetaccess.com
chi.privateinternetaccess.com
www.trustpilot.com

Subject Issuer	Validity	Valid
go.atk.media R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.privateinternetaccess.com Go Daddy Secure Certificate Authority - G2	`2022-12-19` - `2024-01-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-23`	8 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.cyberghostvpn.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Frame ID: 54E806F4DC25DFEAABF38865902C32A7
Requests: 51 HTTP requests in this frame

Frame: https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: 557A3E03FA089912C137468CA5F7711F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Private Internet Access | Anonymous VPN Service Provider

Page URL History Show full URLs

https://go.atk.media/winterpia.html?ref=techgisto Page URL
https://www.privateinternetaccess.com/offer/bestvpn2023_ml01t8t HTTP 302
https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvp... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

98 %
HTTPS

81 %
IPv6

16
Domains

18
Subdomains

16
IPs

6
Countries

1840 kB
Transfer

2957 kB
Size

18
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://fra.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Français

Search URL Search Domain Scan URL

URL: https://deu.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://dnk.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Dansk

Search URL Search Domain Scan URL

URL: https://ita.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Italiano

Search URL Search Domain Scan URL

URL: https://jpn.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: 日本語

Search URL Search Domain Scan URL

URL: https://nld.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://nor.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Norsk

Search URL Search Domain Scan URL

URL: https://bra.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Português

Search URL Search Domain Scan URL

URL: https://rus.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Pусский

Search URL Search Domain Scan URL

URL: https://mex.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Español

Search URL Search Domain Scan URL

URL: https://pol.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Polski

Search URL Search Domain Scan URL

URL: https://kor.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: 한국어

Search URL Search Domain Scan URL

URL: https://tur.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://tha.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: ไทย

Search URL Search Domain Scan URL

URL: https://chi.privateinternetaccess.com/offer/save-now-savelift?&coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb&aff_sub4=2Y2M
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/privateinternetaccess.com?utm_medium=trustboxundefined
Title: Reviews 8,446 EXCELLENT

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/privateinternetaccess.com?utm_medium=trustbox

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.atk.media/winterpia.html?ref=techgisto Page URL
https://www.privateinternetaccess.com/offer/bestvpn2023_ml01t8t HTTP 302
https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 winterpia.html Show response
go.atk.media/ 644 B
840 B 337ms
21ms Document
text/html 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.atk.media/winterpia.html?ref=techgisto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

db64cb47101c97a4fb5a7a45baf272b2dee2ad66ba8537603a37ca40e1d05b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 973
cache-control: public, max-age=0, must-revalidate
content-length: 644
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 12:04:16 GMT
etag: "e897060ccf6b299d26755052ae94a4aa-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01H0SZ8M1VT61G7X7VZKAG7452

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 99ms
21ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: go.atk.media
URL: https://go.atk.media/winterpia.html?ref=techgisto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.atk.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 164ms
114ms Image
image/gif 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1684498829524&id=t2_veu957ty&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=712ca60a-961f-4381-a487-947c7a6e0a71&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: go.atk.media
URL: https://go.atk.media/winterpia.html?ref=techgisto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.atk.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:29 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

Primary Request save-now-savelift Show response
www.privateinternetaccess.com/offer/
Redirect Chain

https://www.privateinternetaccess.com/offer/bestvpn2023_ml01t8t
https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

666 KB
87 KB

936ms
935ms

Document
text/html

104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PIA

Resource Hash

43d02e62bd986a56445e7008b4694f8519d8406380424a5f2af4e53b41c803dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.atk.media/winterpia.html?ref=techgisto
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c9c4b584fda995c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 12:20:31 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: PIA
x-robots-tag: noindex, nofollow
x-xss-protection: 0

Redirect headers

access-control-allow-headers: Content-Type, X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c9c4b560d58995c-FRA
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 12:20:30 GMT
expect-ct: max-age=0
location: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: PIA
x-xss-protection: 0

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
46 KB 87ms
34ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KBFSF9H

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f79c5bc43e775b680d0497537192c2602ead813f31525bd2766558763d370766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46634
x-xss-protection: 0
last-modified: Fri, 19 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 12:20:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 87ms
34ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26585402-1

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcc44027b209d2e15599772814ab95366dfc804a388c07f5df68046593a5e608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46568
x-xss-protection: 0
last-modified: Fri, 19 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 12:20:31 GMT

GET
H3 200 bootstrap.min.js Show response
www.privateinternetaccess.com/offer/assets/scripts/bootstrap/ 77 KB
23 KB 43ms
40ms Script
application/javascript 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/offer/assets/scripts/bootstrap/bootstrap.min.js?v3

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PIA

Resource Hash

8f27c2a51f4f713efda3881de03697fdce7a5022874d94d5256e106e0322d598

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 3193419
x-powered-by: PIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Apr 2023 11:34:58 GMT
server: cloudflare
etag: W/"13367-1877018fad0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 7c9c4b5f9a62361d-FRA
access-control-allow-headers: Content-Type, X-Requested-With

GET
H3 200 navbar-hp.js Show response
www.privateinternetaccess.com/offer/assets/scripts/core/ 1 KB
596 B 64ms
61ms Script
application/javascript 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/offer/assets/scripts/core/navbar-hp.js?v1

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PIA

Resource Hash

73103b3afa34370fc2acf66db6c35771c75a34b33bc6effc3338543c7502fbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 86937
cf-polished: origSize=1564
x-powered-by: PIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2023 11:13:04 GMT
server: cloudflare
etag: W/"61c-1882e903a00"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 7c9c4b5f9a63361d-FRA
access-control-allow-headers: Content-Type, X-Requested-With

GET
H2 200 pia_new_logo-desktop_dark_v2.svg
lplandmedia.supreme.tools/privateland/logos/pia/ 17 KB
6 KB 92ms
30ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/logos/pia/pia_new_logo-desktop_dark_v2.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358fe265580661382266638d2e3eed6f32b83742bcbc109e7502ea165eb09a76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: GzVCuPoY9CRU7jg.WubPzjb.DWUSkTiw
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MH5Z3Q88RKX1RYGX
age: 1312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MpLWUn+6OeqIwyAQ2RfKQPCRzbIbQAwD7LI0CPd6UO+LiQaCOC+8wmmQgucgYDVAc1cTA5gDrFI=
last-modified: Tue, 25 Jan 2022 17:01:43 GMT
server: cloudflare
etag: W/"e04a4c5d912529fc13dbf83f00a56ac2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b5ff9bc363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 pia_new_logo-desktop_white_v2.svg
lplandmedia.supreme.tools/privateland/logos/pia/ 17 KB
6 KB 91ms
29ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/logos/pia/pia_new_logo-desktop_white_v2.svg?v3
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8363aa35fa4e039e1a1cc71217d5136f4153bba974d1fca4bd2d742d990347d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: I_pdrAentdikhWOzMVMENG1S2Araa8z5
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MH5X0SRMX5337BBX
age: 1312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VpYkAu0fNm6h5LxTe+OaTTmYj7+gt223AvNnlZS6FnFTUZJjjHLg+U88AOEkqnQh7F+dNntUC00=
last-modified: Wed, 30 Jun 2021 10:11:04 GMT
server: cloudflare
etag: W/"af9e9a8b449a2159329c1de4d801ebd7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b5ff9c1363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 open_globe.svg
lplandmedia.supreme.tools/privateland/misc/ 971 B
772 B 102ms
40ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/misc/open_globe.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f23c671e5a88e26fc666a274e43def2b2dca1acb2160f3a6321d43ca62a3049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: hDJOy4fXMXRuyoYFyr.TNgAv5WzDxM_U
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MH5S1FKD1RMJGMZ1
age: 1311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HzEhnVQ55MAPaGH4BusxdnYwtNuX2N33PQngahRAV9FblWbX237kxD3a9YdIGgmY/UCvjhhL+ho=
last-modified: Tue, 28 Dec 2021 13:31:06 GMT
server: cloudflare
etag: W/"b6908245aa1f7d647e8fc627012d429e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b5ff9c2363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 wave.svg
lplandmedia.supreme.tools/privateland/landing-pages/save-lift/ 738 B
677 B 179ms
117ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/landing-pages/save-lift/wave.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da374f21f8c504261635d7fd4757cf184188383112e720415b5f3a8630fd4f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: PFWsLGMvqtHOfkivbEj607Atpp6trmD8
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 14:02:23 GMT
server: cloudflare
x-amz-request-id: X565A9QC6VQB2HXA
etag: W/"f14362f83bd5a49383f451a23a81cdf4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b5ff9c4363d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: p4j6idQPF0RnaDJHOnHZOu1Fa2hr1Y62S+VfmO/FQWfwLia1f/Jm/LQGr6Qgaizsrr3wzDJy0VA=
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H/1.1 200
OK TGwhite.png
nitool.s3-eu-west-1.amazonaws.com/logos/ 6 KB
6 KB 189ms
61ms Image
application/octet-stream 3.5.69.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nitool.s3-eu-west-1.amazonaws.com/logos/TGwhite.png
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.69.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 912d6e520934cc64fdde1390d555018a704b82406edde9de73c9b54a5fb297c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 12:20:32 GMT
x-amz-version-id: fS_gFHCSebnYQzFvVel4H7orqJoDueFM
Last-Modified: Thu, 09 Mar 2023 14:05:10 GMT
Server: AmazonS3
x-amz-request-id: X56164H35JAFQ3JK
ETag: "bbf8295c153f52917f74c3f2519a03a4"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 5789
x-amz-id-2: uFLQodGj5YLggxIZInk5TaqnjbyunL7NcWfRtsP/pVbmoBnU/Ri3j34a0BrZIiF+59vnRpj+sZGhf8WjvaCKIQ==

GET
H2 200 checkmark-lock.svg
lplandmedia.supreme.tools/privateland/misc/ 1 KB
794 B 92ms
31ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/misc/checkmark-lock.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5485da762d2da5f778ed1b68e24ac82a2cbf189a4697f51e175d03ccb2b31412

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: QGjzAb5GD.M7OWNiI.yiLf4voOxMO91V
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 300A30HCYDTEPTST
age: 2013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5KMOCvFarLSmKm+/JRUBeH2Aol7EO6/3g25H1Nmt8i2szLeErVxtD4mNmjSyNgNgpow/cc9FQW4=
last-modified: Sun, 20 Jun 2021 08:46:39 GMT
server: cloudflare
etag: W/"6a9e6c73e1fb37aba34893d69d7bc642"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b5ff9c6363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 devices-symbols.svg
lplandmedia.supreme.tools/privateland/body/hp-body/ 7 KB
3 KB 93ms
32ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/body/hp-body/devices-symbols.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9592ac2e43fe2ad62bb08a9138da8bd85a50356a32378d54199bcf2b9d3231c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: DfJv3TY98W2u9yqfHnaXNFdNodG0RewO
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7820S3RWB719WQ9G
age: 1311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NQnBPlB0eQk0RV8wgvR79JMgv8afQMPrglRJXWg5tdiXKAi+0zZF8zHbDc30JNH0uZEYqFVAVkw=
last-modified: Mon, 31 May 2021 14:26:00 GMT
server: cloudflare
etag: W/"b6539a60d98f4e9def6d719d437e2ab1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b5ff9c5363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 image.webp
lplandmedia.supreme.tools/privateland/misc/audit/ 224 KB
225 KB 206ms
204ms Image
image/webp 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/misc/audit/image.webp?
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d1d1de59ac56e609ab717d98693f212a8674b6f462b9434203a6ed148bd01b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: 0Bov2cDBjm9IpDwNueJ6GL2W2XLKr5Df
cf-cache-status: MISS
x-amz-request-id: X56EE3DC1BPN96ED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 229750
x-amz-id-2: mOTLuVCvgZG2fYHPWCy6/NZ5E4fkcNdBDZ+zphIzyYV3sfO/s0XVr604dUITmJx8z7/o7sP2ryw=
last-modified: Mon, 29 Aug 2022 14:08:12 GMT
server: cloudflare
etag: "c5ee4aa399df711a4179bf8d1d45dc4b"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b6009ca363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 image.webp
lplandmedia.supreme.tools/privateland/misc/audit/ 224 KB
225 KB 227ms
226ms Image
image/webp 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/misc/audit/image.webp?v2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d1d1de59ac56e609ab717d98693f212a8674b6f462b9434203a6ed148bd01b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: 0Bov2cDBjm9IpDwNueJ6GL2W2XLKr5Df
cf-cache-status: MISS
x-amz-request-id: X5619E2AWP4V8BDJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 229750
x-amz-id-2: oRInwxUKRG1KHdkXPzyMHWXmA1+cu8wbI5x5Z7UtDUOwJ1OAxD/JyeII+Xjdks9cd0idYrIsUYM=
last-modified: Mon, 29 Aug 2022 14:08:12 GMT
server: cloudflare
etag: "c5ee4aa399df711a4179bf8d1d45dc4b"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b6009cb363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 5_stars_logo.svg
lplandmedia.supreme.tools/privateland/trustpilot/ 816 B
529 B 41ms
40ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/trustpilot/5_stars_logo.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701914ca1420ee606163469259dda514df62ad5d849a8a95a805320f70bbbfab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: FfXwNHD4PWEmLaJ2qkEwzGVnVphBD2n8
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HHHM9ZA5DXNKA3GJ
age: 1311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WXIQqOdlGup7C0CWwijwH1vMFN/xRp+vBFXB5ENMbgvCnud57A49EHNwLeNtvrOHjpEjXWYqgQk=
last-modified: Tue, 01 Jun 2021 11:24:05 GMT
server: cloudflare
etag: W/"db09ee68dfbeac4ddb613d40607d049d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b6019e8363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 trustpilot_logo.svg
lplandmedia.supreme.tools/privateland/trustpilot/ 4 KB
2 KB 42ms
41ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/trustpilot/trustpilot_logo.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d481ab28534bc2f72a31f951bf67e9cef033d8c8f7c7b06cc26950eef73a9644

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: fN2jzQxkoOwrDUhufM1X9EOU1D0RxrY0
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VFSE4XE66R8R0BFS
age: 9265730
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dl+HNGFA54XSh07hiojKUOYo2xJe8v/bK8LS+66rPplfje/rwcOY4k3ClSpARvxu9AhlrjEGcvQ=
last-modified: Wed, 28 Apr 2021 06:49:18 GMT
server: cloudflare
etag: W/"3984e87702d28336c164aa50189a2707"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31622400
cf-ray: 7c9c4b6019e9363d-FRA
expires: Sun, 19 May 2024 12:20:31 GMT

GET
H2 200 trustpilot_logo_white.svg
lplandmedia.supreme.tools/privateland/trustpilot/ 4 KB
2 KB 43ms
42ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/trustpilot/trustpilot_logo_white.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fdef46dc1bc1603e4569a5095199090523e7235f42abb44b55316576684cf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: rNBCipO8g6ZYXIuc2OtET0MCaoQdl3.Y
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HHHTEQ5G69WB78FN
age: 1311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pvy1mOKd6A2o6o9C61qmbTSY1Flevj+BRjKYvr70mo2caqCz19m8AJf1Gv5QcYkQM3nuIVOVXRY=
last-modified: Wed, 19 Oct 2022 20:35:47 GMT
server: cloudflare
etag: W/"b2290662004141e935e8f742a036a7cf"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b6019eb363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 profile.svg
lplandmedia.supreme.tools/privateland/trustpilot/ 830 B
613 B 42ms
41ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/trustpilot/profile.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8ae6e584e047445f5c419d09c59d3fbcc59ae70385860daacc5fd711717773

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: VZVnvHMrrAIlb.W27EUXkAAH7edGvmgn
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VFS7X05B8MK3Z37J
age: 1311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XyXZLiUspK1QdwUQEx7KMJ+sk95kGPuLaR3/pghgeuA1Xv2XERNLpOT+pfCMW34Wt4EsT7v2XAM=
last-modified: Tue, 01 Jun 2021 11:25:19 GMT
server: cloudflare
etag: W/"01a9a0b73bda906c016beb112ab30159"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b6019ec363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 Trustpilot_ratings_5star-RGB.svg
lplandmedia.supreme.tools/privateland/trustpilot/ 2 KB
737 B 144ms
143ms Image
image/svg+xml 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/trustpilot/Trustpilot_ratings_5star-RGB.svg
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7bc7f3672ae13ab9977002d798baf4bfb2f918953d1d66ea99124a2c764a55c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: 2oTaPAxGrlo1Fgj3kirjLA88vnkx3v3S
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Oct 2022 12:58:14 GMT
server: cloudflare
x-amz-request-id: X563JW6JAY3KD6RZ
etag: W/"2e6e188ab3fdd309e98915e634deb0cb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b6019ed363d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BKuqKg9N5b6CeQy6M1maZRxmy4A7/88XxrbjDFsbcnHl4MdUxlOIPgwjciUrbwd1T3lUjtSPCy8=
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 86ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1684498831.dop202.fr8.t,1684498831.cds167.fr8.hn,1684498831.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 ouibounce.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.12/ 2 KB
1 KB 82ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.12/ouibounce.min.js

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 726895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 665
last-modified: Mon, 04 May 2020 16:13:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3f-658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxycbwISsrbOVXNixgsfKa5s%2B04Bctswayt4CD%2BYQVAlm2gXazkjEZNiQe0kudtj8A1b0OyrBR24nwlk2q7l9UPXZKBBEDDmSLG6xHKwQQfzNBqDOnlfp0l6Z8y3DI5VSZHCa1WGy2fdD9JMqORcT7%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c9c4b5fdacd18e0-FRA
expires: Wed, 08 May 2024 12:20:31 GMT

GET
H2 200 countdown.js Show response
assets.cyberghostvpn.com/js/front/blocks/ 5 KB
2 KB 114ms
47ms Script
application/javascript 2606:4700:10::6814:10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cyberghostvpn.com/js/front/blocks/countdown.js
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16f8dd6a39fbabc9e4d3ce898c7a23eae961924e23a30a758545a96b8a9bac9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: uUo0JknV9oehYXmWzrQwfHae.wcMnv.Q
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 46A5ET67XBKAQCRB
age: 3475
cf-polished: origSize=7568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pvIIIBsLuLw76l7kPlJM/GPiYn37SV/RNGdd/iEHC7BThoY94Pnc7D8GNIclkd70IxwGHoNW1Tk=
cf-bgj: minify
last-modified: Thu, 15 Dec 2022 10:49:03 GMT
server: cloudflare
etag: W/"a5646c07d0370d39f18d06fe094bb03a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7c9c4b600b5a2beb-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 icon-lock.svg
assets-cms.privateinternetaccess.com/photos/shares/campaigns/valentine2023/exit-intent/ 1 KB
901 B 46ms
36ms Image
image/svg+xml 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-cms.privateinternetaccess.com/photos/shares/campaigns/valentine2023/exit-intent/icon-lock.svg

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8e93f69ae6fca1b4c604b45881695f92187f378579859fdf86f4cf694ef483

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: 5nqzMEuJy38fTFTAMGOvH22pXbHeudIP
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 3P8C0BX2C30EHAHN
age: 15353
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +gD7z5y6fGp5ru3xSWGuLpxpqeHeJrsxbNjUOw4/d62phOkLSXGHSEwjH5qWQKnIKEAdhiVvx/c=
last-modified: Fri, 03 Feb 2023 09:11:55 GMT
server: cloudflare
etag: W/"23edaad4a7ac6602177f77cfe279ed63"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b60193a995c-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 icon-shield.svg
assets-cms.privateinternetaccess.com/photos/shares/campaigns/valentine2023/exit-intent/ 503 B
507 B 36ms
34ms Image
image/svg+xml 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-cms.privateinternetaccess.com/photos/shares/campaigns/valentine2023/exit-intent/icon-shield.svg

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f40ce9fae50dd8d862a4d2869f82ec6e4bd45c620641bf74b616cb85a851a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: g9XmRHY61xc2er8QyYLYKHfNXBzZnLfh
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 3P86M1BQHD1MR3MG
age: 15353
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 49E/N4s0IoJWrGX/IZ77zeD2+ZycwrV4glondLV1pTYQdTMbqtAmnYOTplcAUBiEBeCQz1QXi9k=
last-modified: Fri, 03 Feb 2023 09:11:55 GMT
server: cloudflare
etag: W/"2e8d5715f2eb29290156b1178226ec1b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7c9c4b603950995c-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 129ms
72ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c9c4b608cc43733-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26585402-1&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-KBFSF9H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6bb752c240a613d9040dc6f666bb25cb1f07189377c4f7aa2bedeb8bdadc28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46572
x-xss-protection: 0
last-modified: Fri, 19 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 12:20:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26585402-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 10:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6292
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 12:35:39 GMT

GET
H2 206 bg_dark.mp4
lplandmedia.supreme.tools/privateland/landing-pages/save-lift/ 28 KB
29 KB 139ms
137ms Media
video/mp4 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lplandmedia.supreme.tools/privateland/landing-pages/save-lift/bg_dark.mp4
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7443e506e31394eba6955b914407fe5e38728126176d4d7fee01a3df89cd29de

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: CKwiYmRvHaHa2F29r75pCOh7.omJnAK8
cf-cache-status: MISS
x-amz-request-id: X56A1MC2DJHTK8RK
Content-Range: bytes 0-29083/29084
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 29084
x-amz-id-2: BOIbSFMW6B4DevH71bO+XVfCKA+kDa1c4NCzcEu7wfO9jyqSaTdhYX6LIdRl37EsKArUyUmqzjY=
last-modified: Tue, 18 Oct 2022 14:02:24 GMT
server: cloudflare
etag: "9bf7150a17f064f8405a530a08fa0f2a"
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=31536000
cf-ray: 7c9c4b603a0b363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 206 hero_dark.mp4
lplandmedia.supreme.tools/privateland/landing-pages/save-lift/ 394 KB
395 KB 201ms
200ms Media
video/mp4 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lplandmedia.supreme.tools/privateland/landing-pages/save-lift/hero_dark.mp4
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67aac087af7bada07c2b2e7febc7d264c4c55931e6772a70328e93ff0880e07

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: sVIDSIEyF_nmmZBw6DeG3Ykj7E7kB2f4
cf-cache-status: MISS
x-amz-request-id: X56C8HPSWTY88EBK
Content-Range: bytes 0-403684/403685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 403685
x-amz-id-2: 1D3HjfAU4fyOGiInYbS2LX7RXd6aimiGu+E2WNSATjbv5xDKARTpibKbnPzsTVGiU2snttPX460=
last-modified: Tue, 18 Oct 2022 14:02:21 GMT
server: cloudflare
etag: "968f31e9472e09d22ea188259908e81d"
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=31536000
cf-ray: 7c9c4b603a0c363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H/1.1 200
OK BalooTamma2-Regular.woff2
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/ 126 KB
126 KB 166ms
66ms Font
binary/octet-stream 52.218.28.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/BalooTamma2-Regular.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.28.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7e5c036f7618b33fdf3515463d35c4767a03c31e31f2fb8c6db40bb753248359

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 12:20:32 GMT
x-amz-version-id: u7a0kwwuAa7DJts20XHe9U5AEalQ8cFw
Last-Modified: Mon, 14 Jun 2021 08:25:55 GMT
Server: AmazonS3
x-amz-request-id: X5658G04E9TS3P5M
ETag: "8ec3bec1d70191aac78a13b1c99b51a5"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 128516
x-amz-id-2: JNGh966K1XPc/i4wYQaiOk59UsEl9d9suOAoMSIKbAkFgZ/bgSrg2/8tyIMhEwwENpvsY9rlXOw=

GET
H/1.1 200
OK BalooTamma2-Medium.woff2
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/ 131 KB
132 KB 167ms
67ms Font
binary/octet-stream 52.218.28.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/BalooTamma2-Medium.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.28.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c65ae055ca38279199860272550858f891db0fa22c3e47b42878e94f524dfa3

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 12:20:32 GMT
x-amz-version-id: aKtgbYi6PhPx3jSreX1In1KFvpbvMf2s
Last-Modified: Mon, 14 Jun 2021 08:25:57 GMT
Server: AmazonS3
x-amz-request-id: X564B92F83HSXZY3
ETag: "14e49685f2059cfba218f09a08472251"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 134600
x-amz-id-2: /Bo0d7vkcKmI+ftanF4na1r8WTp/AK5IEmChjUItpkFLzFtNMAQ4GskPM2qbhAa+enBemsvo8NY=

GET
H/1.1 200
OK BalooTamma2-SemiBold.woff2
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/ 137 KB
137 KB 176ms
74ms Font
binary/octet-stream 52.218.28.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/BalooTamma2-SemiBold.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.28.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0042b39f17016ced3c706b3239483b7b2350efc5c8b9aaf93422ff1f3f40cd0a

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 12:20:32 GMT
x-amz-version-id: HcW_KesI.IVg1VrSPy9K6wf3yD4_e7Ss
Last-Modified: Mon, 14 Jun 2021 08:26:22 GMT
Server: AmazonS3
x-amz-request-id: X56AWQ9Q78YBCXVP
ETag: "3998fe0bd286c51cb4028bd96cb4af81"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 140232
x-amz-id-2: JHfdNBp5jxnzAFi5x91+YFHiGBK94yQaiotxRvZopAjvME4yOHNwz1ib5cLyI8xK+Su63APA1Zc=

GET
H2 200 no-logs.webp
lplandmedia.supreme.tools/privateland/body/hp-body/why/ 10 KB
10 KB 101ms
100ms Image
image/webp 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/body/hp-body/why/no-logs.webp?
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d979376c173dff20f6cd75860136168fce814e2389b399a78016c9edb15729a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: 7tZx6tapnG5GazmOBUU19JCbyuZe8EY7
cf-cache-status: REVALIDATED
x-amz-request-id: R3AQGQ6BMAWHWZ0Z
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9744
x-amz-id-2: SIlr+lg5ZtrWwRpocDin9e5tjs2slbAk7Jt4ELkfHBr0UhibBAWr4sep752f8vrSxzfbp+wHxs8=
last-modified: Mon, 31 May 2021 15:53:12 GMT
server: cloudflare
etag: "2dd4feffa09f6061abf38823a3532381"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b604a3d363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 open.webp
lplandmedia.supreme.tools/privateland/landing-pages/os-pages/ 13 KB
13 KB 151ms
151ms Image
image/webp 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/landing-pages/os-pages/open.webp?
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8751b3fb82bc39db8ca7b337030c34a3481f10bca705ff4fef6bb265acb929d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: fYn1xEgycatwwy3PjLb4YQmc.thmTDJ1
cf-cache-status: MISS
x-amz-request-id: X56CR12B48NMAGA3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13464
x-amz-id-2: 0dQRr/Lc6nkxasFRFFQEWEbTEM24rteiy1ZVhKTbXPdwJ5qUMnasmxZ5JS/dE8+uA379IeswLGo=
last-modified: Sun, 11 Jul 2021 13:04:23 GMT
server: cloudflare
etag: "afdb2a11768c1a2f5c6426753732e7c7"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b604a3f363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H2 200 malware.webp
lplandmedia.supreme.tools/privateland/landing-pages/os-pages/ 15 KB
15 KB 106ms
106ms Image
image/webp 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/landing-pages/os-pages/malware.webp?
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ed6a24a16c9fb6de4c16daa2c6e471d601ed7d700089a008d31613eda7247ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: DrXnE_HZLvQb9qDsfv0z2r9ACd6Cktwr
cf-cache-status: REVALIDATED
x-amz-request-id: DVQ9TBE0GSD5V5B6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15176
x-amz-id-2: 1TaQ3Jrmg0+zQEjQ4JEl4m6DOfgcZTbeuHnSgfVfvIJEpe8DloYWIxZ0+aOxSI55MT0ZZrlk3iI=
last-modified: Sun, 11 Jul 2021 13:04:23 GMT
server: cloudflare
etag: "3a7b5460d07b9f4c34f22dea26aefb5a"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b604a41363d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
216 B 29ms
29ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=788156844&t=pageview&_s=1&dl=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fsave-now-savelift%3Fcoupon%3D2Y2M%26brand%3Dtgwhite%26aff_id%3D13187%26source%3Dbestvpn2023feb&ul=en-us&de=UTF-8&dt=Private%20Internet%20Access%20%7C%20Anonymous%20VPN%20Service%20Provider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=725328368&gjid=1776022999&cid=252182084.1684498831&tid=UA-26585402-1&_gid=2006921226.1684498831&_r=1&gtm=457e35h0&jsscut=1&z=1692953571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 May 2023 12:20:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.privateinternetaccess.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 baloo-tamma-2-v2-latin-regular.woff2
assets.cyberghostvpn.com/fonts/pia/ 26 KB
27 KB 101ms
52ms Font
application/octet-stream 2606:4700:10::6814:10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cyberghostvpn.com/fonts/pia/baloo-tamma-2-v2-latin-regular.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb92dda108173f231da629cb244f327692909bd3d10987c52c09b9486d73272

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: dAPbM5e8lxpajkNK0ErlhAlL41RevyYI
cf-cache-status: HIT
x-amz-request-id: FW851CQZMM5GJFTT
age: 714
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26800
x-amz-id-2: fovIBbqgp3u+211IJP3ma4LAh1sCcOWYw3RpcIw1IxO5eA4PFx/zCcNf1z1+CwHAD4FcNO3hUSg=
last-modified: Thu, 16 Mar 2023 14:50:37 GMT
server: cloudflare
etag: "ed110c63f2108f645c07e850957d3052"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b60fa74903d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H3 200 baloo-tamma-2-v2-latin-500.woff2
assets.cyberghostvpn.com/fonts/pia/ 26 KB
27 KB 80ms
33ms Font
application/octet-stream 2606:4700:10::6814:10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cyberghostvpn.com/fonts/pia/baloo-tamma-2-v2-latin-500.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9596c49497f1d334c467fa9d6bde8f2aa3e05f72ae6aeec4db7b6c45704889da

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: RZNMhqNjY92Ex9lu1INV.i8ZaUTQr14h
cf-cache-status: HIT
x-amz-request-id: FW82CR4HXEF8PNAH
age: 714
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27072
x-amz-id-2: zKNTVUKP/JK79jgxpd1qFZ/dMdD2gOIvoMLnDTjxOrmUmzUhU32OJvruDPwkF43IOZa0y1WdBb4=
last-modified: Thu, 16 Mar 2023 14:50:37 GMT
server: cloudflare
etag: "b261b5155c8cfcca32f1cbc270a5dace"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b60fa71903d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H3 200 baloo-tamma-2-v2-latin-700.woff2
assets.cyberghostvpn.com/fonts/pia/ 28 KB
28 KB 207ms
165ms Font
application/octet-stream 2606:4700:10::6814:10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cyberghostvpn.com/fonts/pia/baloo-tamma-2-v2-latin-700.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debe22a485fd3614c19c135a3ac212872d3ab7da766007c9dbb0d04d750e1a24

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: m8dPfxeVN8FeZC8l5keIJ9Zj9HARipU0
cf-cache-status: REVALIDATED
x-amz-request-id: DK41ERGTZ8CQYW16
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28216
x-amz-id-2: V8ve7FY7ttN8wShwT7WFcHpR3aDK1iM7S3frzM+FYaLmZEGkr59y4C9vgtdgvtT4KAkK3dbfmVM=
last-modified: Thu, 27 Apr 2023 10:32:15 GMT
server: cloudflare
etag: "c88123b7b555528fffdf68187d65db4e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b60fa72903d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

GET
H3 200 baloo-tamma-2-v2-latin-600.woff2
assets.cyberghostvpn.com/fonts/pia/ 27 KB
28 KB 118ms
77ms Font
application/octet-stream 2606:4700:10::6814:10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cyberghostvpn.com/fonts/pia/baloo-tamma-2-v2-latin-600.woff2
Requested by: Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896c08e4b8cba9335b9ccce3a76a954b0ccc579004ee0067df717e7d948f9ba6

Request headers

Referer: https://www.privateinternetaccess.com/
Origin: https://www.privateinternetaccess.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-amz-version-id: RwKgU6YJ4mjyUMD5w2ySlOUSChahr5hb
cf-cache-status: HIT
x-amz-request-id: H8AVEVAY5KT8VYGG
age: 714
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27672
x-amz-id-2: Y6PlTFiZqcnLAq+8hheaDfxUnbt57SFIn+tc0vBicgmvka7dcT+lfK8trTEy/B/l061259aJRJteo1GFZU5iJw==
last-modified: Thu, 20 Apr 2023 11:47:32 GMT
server: cloudflare
etag: "253788680d352b84ea419c57a658379f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b60fa6f903d-FRA
expires: Sat, 18 May 2024 12:20:31 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 92ms
28ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26585402-1&cid=252182084.1684498831&jid=725328368&gjid=1776022999&_gid=2006921226.1684498831&_u=YEBAAUAAAAAAACAAI~&z=1755308372

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 May 2023 12:20:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.privateinternetaccess.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

invisible.js Show response
www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame 557A
Redirect Chain

https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

26 KB
12 KB

33ms
32ms

Script
application/javascript

104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df5c545f62cc90578b7b896d8386c3ae1475f5a37b6f71680639bc5097b84f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c9c4b613c8d361d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 19 May 2023 12:20:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7c9c4b610c4b361d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 115ms
58ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26585402-1&cid=252182084.1684498831&jid=725328368&_u=YEBAAUAAAAAAACAAI~&z=780195423

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 12:20:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 115ms
58ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26585402-1&cid=252182084.1684498831&jid=725328368&_u=YEBAAUAAAAAAACAAI~&z=780195423

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 12:20:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 557A 6 KB
3 KB 28ms
28ms Other
application/javascript 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a15b45378940f905f6778764390b2055675218a86b770aafd8b39c7f9f0e83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c9c4b61fd67361d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rum Show response
www.privateinternetaccess.com/cdn-cgi/ 0
150 B 27ms
27ms XHR
text/plain 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 May 2023 12:20:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.privateinternetaccess.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c9c4b626dea361d-FRA

POST
H3 200 7c9c4b584fda995c Show response
www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 557A 2 B
387 B 48ms
47ms XHR
text/plain 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/g/cv/result/7c9c4b584fda995c

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 May 2023 12:20:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
server: cloudflare
cf-ray: 7c9c4b63f814361d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 devices-umbrella.webp
lplandmedia.supreme.tools/privateland/landing-pages/best-vpn/ 15 KB
15 KB 141ms
141ms Image
image/webp 2606:4700::6812:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lplandmedia.supreme.tools/privateland/landing-pages/best-vpn/devices-umbrella.webp?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6732ff35ea794f5cf09bbe8fc9941ef9eeea3b477847a6fa87f3b7148515459a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:32 GMT
x-amz-version-id: lS08HaxR3BN9u9UtTHiH4Bvts0PWrm4P
cf-cache-status: REVALIDATED
x-amz-request-id: 65KP1N142QS5FC0P
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15132
x-amz-id-2: WpLSzJ6rM/l7DPUXYd+6+KcRn6IFrWA9nnJ7R1MdIKnXeBilUZ2TMmXp7rxL1sPKO5KFL/OpROE=
last-modified: Tue, 31 Aug 2021 14:30:57 GMT
server: cloudflare
etag: "0386658cac9f5ec7f6b4247c663081ab"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c9c4b640bca193c-FRA
expires: Sat, 18 May 2024 12:20:32 GMT

GET
H3 200 swiper.css
www.privateinternetaccess.com/offer/assets/styles/core/ 13 KB
4 KB 43ms
42ms Stylesheet
text/css 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/offer/assets/styles/core/swiper.css

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PIA

Resource Hash

fcfe496a5b7c920adac406084ed42f863908ed0db3fa0d6d219850a8ce14f54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 3192455
cf-polished: origSize=13872
x-powered-by: PIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 11:34:58 GMT
server: cloudflare
etag: W/"3630-1877018fad0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 7c9c4b725bee361d-FRA
access-control-allow-headers: Content-Type, X-Requested-With

GET
H3 200 swiper.js Show response
www.privateinternetaccess.com/offer/assets/scripts/core/carousel/ 141 KB
38 KB 44ms
44ms Script
application/javascript 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/offer/assets/scripts/core/carousel/swiper.js

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PIA

Resource Hash

e615c14354c18360a357120fee850734f18383fe49b6e303264e24cde3d7db93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 3192453
cf-polished: origSize=144275
x-powered-by: PIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 11:34:58 GMT
server: cloudflare
etag: W/"23393-1877018fad0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 7c9c4b725bf0361d-FRA
access-control-allow-headers: Content-Type, X-Requested-With

GET
H3 200 carousel-hp.js Show response
www.privateinternetaccess.com/offer/assets/scripts/core/carousel/ 378 B
537 B 42ms
42ms Script
application/javascript 104.18.14.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privateinternetaccess.com/offer/assets/scripts/core/carousel/carousel-hp.js?v2

Requested by

Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/save-now-savelift?coupon=2Y2M&brand=tgwhite&aff_id=13187&source=bestvpn2023feb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.14.49 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PIA

Resource Hash

2d4922e970fe8a57922c7a0fa0f199f17336ff5d4a901814c2aa2fda47ae1e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:20:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2007954
cf-polished: origSize=683
x-powered-by: PIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 12 Apr 2023 08:51:13 GMT
server: cloudflare
etag: W/"2ab-18774a96be8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 7c9c4b72dc88361d-FRA
access-control-allow-headers: Content-Type, X-Requested-With

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.atk.media/	1970-01-20 14:04:34	Name: _rdt_uuid Value: 1684498829518.712ca60a-961f-4381-a487-947c7a6e0a71
.privateinternetaccess.com/	1970-01-20 20:42:01	Name: locale Value: en
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: session Value: 1
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: di Value: FAED4DD3-98BB-37C7-1BA9-53B259ED4D5E
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: media_source Value: ia
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: initial_media_source Value: ia
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: affiliate Value: 13187
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: coupon Value: 2Y2M
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: offer_id Value: 2047
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: lp Value: offer_save-now-savelift
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: assisting_media Value: ia
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: brand Value: TGwhite
.privateinternetaccess.com/	1970-01-20 21:30:58	Name: _ga Value: GA1.2.252182084.1684498831
.privateinternetaccess.com/	1970-01-20 11:56:25	Name: _gid Value: GA1.2.2006921226.1684498831
.privateinternetaccess.com/	1970-01-20 11:54:58	Name: _gat_gtag_UA_26585402_1 Value: 1
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: pia_pp Value: offer_save-now-savelift
.privateinternetaccess.com/	1970-01-20 12:38:10	Name: scroll_depth_prev_page Value: 0
.privateinternetaccess.com/	1970-01-20 11:55:00	Name: __cf_bm Value: XD5NAlS4Xv2RLEePBcMzuYC1FRW8DkPWxtaCdffjVVk-1684498832-0-Adox0FuoEdyev3ECS3JP4B25hFpMqwZcqpTahCjAvv3HdxMnRI1qHSuDpra4+41ren0gejlpiCLhLN347SBPb7t0XBECh7G7K0ZFLtgBjpdM

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
assets-cms.privateinternetaccess.com
assets.cyberghostvpn.com
cdnjs.cloudflare.com
code.jquery.com
go.atk.media
lplandmedia.supreme.tools
nitool.s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.privateinternetaccess.com
www.redditstatic.com
104.18.14.49
2001:4de0:ac18::1:a:3b
2606:4700:10::6814:10e
2606:4700::6810:3965
2606:4700::6811:180e
2606:4700::6812:a0b
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:809::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:400c:c07::9a
2a04:4e42:400::396
2a05:d014:275:cb01::c8
3.5.69.127
52.218.28.67
0042b39f17016ced3c706b3239483b7b2350efc5c8b9aaf93422ff1f3f40cd0a
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
16f8dd6a39fbabc9e4d3ce898c7a23eae961924e23a30a758545a96b8a9bac9a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d4922e970fe8a57922c7a0fa0f199f17336ff5d4a901814c2aa2fda47ae1e4b
358fe265580661382266638d2e3eed6f32b83742bcbc109e7502ea165eb09a76
3ed6a24a16c9fb6de4c16daa2c6e471d601ed7d700089a008d31613eda7247ee
43d02e62bd986a56445e7008b4694f8519d8406380424a5f2af4e53b41c803dc
4f23c671e5a88e26fc666a274e43def2b2dca1acb2160f3a6321d43ca62a3049
5485da762d2da5f778ed1b68e24ac82a2cbf189a4697f51e175d03ccb2b31412
5f40ce9fae50dd8d862a4d2869f82ec6e4bd45c620641bf74b616cb85a851a57
6732ff35ea794f5cf09bbe8fc9941ef9eeea3b477847a6fa87f3b7148515459a
6a15b45378940f905f6778764390b2055675218a86b770aafd8b39c7f9f0e83d
6b8e93f69ae6fca1b4c604b45881695f92187f378579859fdf86f4cf694ef483
701914ca1420ee606163469259dda514df62ad5d849a8a95a805320f70bbbfab
73103b3afa34370fc2acf66db6c35771c75a34b33bc6effc3338543c7502fbb6
7443e506e31394eba6955b914407fe5e38728126176d4d7fee01a3df89cd29de
7e5c036f7618b33fdf3515463d35c4767a03c31e31f2fb8c6db40bb753248359
7fdef46dc1bc1603e4569a5095199090523e7235f42abb44b55316576684cf8e
8363aa35fa4e039e1a1cc71217d5136f4153bba974d1fca4bd2d742d990347d8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8751b3fb82bc39db8ca7b337030c34a3481f10bca705ff4fef6bb265acb929d1
896c08e4b8cba9335b9ccce3a76a954b0ccc579004ee0067df717e7d948f9ba6
8f27c2a51f4f713efda3881de03697fdce7a5022874d94d5256e106e0322d598
8fb92dda108173f231da629cb244f327692909bd3d10987c52c09b9486d73272
912d6e520934cc64fdde1390d555018a704b82406edde9de73c9b54a5fb297c9
9596c49497f1d334c467fa9d6bde8f2aa3e05f72ae6aeec4db7b6c45704889da
9c65ae055ca38279199860272550858f891db0fa22c3e47b42878e94f524dfa3
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a6bb752c240a613d9040dc6f666bb25cb1f07189377c4f7aa2bedeb8bdadc28f
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
c5d1d1de59ac56e609ab717d98693f212a8674b6f462b9434203a6ed148bd01b
c7bc7f3672ae13ab9977002d798baf4bfb2f918953d1d66ea99124a2c764a55c
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf8ae6e584e047445f5c419d09c59d3fbcc59ae70385860daacc5fd711717773
d481ab28534bc2f72a31f951bf67e9cef033d8c8f7c7b06cc26950eef73a9644
d979376c173dff20f6cd75860136168fce814e2389b399a78016c9edb15729a7
da374f21f8c504261635d7fd4757cf184188383112e720415b5f3a8630fd4f9f
db64cb47101c97a4fb5a7a45baf272b2dee2ad66ba8537603a37ca40e1d05b2b
dcc44027b209d2e15599772814ab95366dfc804a388c07f5df68046593a5e608
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debe22a485fd3614c19c135a3ac212872d3ab7da766007c9dbb0d04d750e1a24
df5c545f62cc90578b7b896d8386c3ae1475f5a37b6f71680639bc5097b84f8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615c14354c18360a357120fee850734f18383fe49b6e303264e24cde3d7db93
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67aac087af7bada07c2b2e7febc7d264c4c55931e6772a70328e93ff0880e07
f79c5bc43e775b680d0497537192c2602ead813f31525bd2766558763d370766
f9592ac2e43fe2ad62bb08a9138da8bd85a50356a32378d54199bcf2b9d3231c
fcfe496a5b7c920adac406084ed42f863908ed0db3fa0d6d219850a8ce14f54f

www.privateinternetaccess.com Open in urlscan Pro 104.18.14.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

81 %IPv6

16 Domains

18 Subdomains

16 IPs

6 Countries

1840 kBTransfer

2957 kBSize

18 Cookies

17 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.privateinternetaccess.com Open in urlscan Pro
104.18.14.49 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

81 %
IPv6

16
Domains

18
Subdomains

16
IPs

6
Countries

1840 kB
Transfer

2957 kB
Size

18
Cookies

54 HTTP transactions
0 data transactions