Submitted URL: http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%...
Effective URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition...
Submission: On June 26 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 5 countries across 19 domains to perform 86 HTTP transactions. The main IP is 104.18.36.183, located in and belongs to CLOUDFLARENET, US. The main domain is www.privateinternetaccess.com. The Cisco Umbrella rank of the primary domain is 52935.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 5th 2024. Valid for: a year.
This is the only time www.privateinternetaccess.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.107.201.120 396982 (GOOGLE-CL...)
2 2 34.96.118.183 396982 (GOOGLE-CL...)
4 4 52.210.2.133 16509 (AMAZON-02)
5 19 104.18.36.183 13335 (CLOUDFLAR...)
3 52.218.91.83 16509 (AMAZON-02)
8 104.18.70.113 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
22 172.64.154.65 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
7 52.92.20.224 16509 (AMAZON-02)
3 45.55.107.35 14061 (DIGITALOC...)
3 104.20.0.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
2 2600:1901:0:c... 396982 (GOOGLE-CL...)
3 104.16.53.111 13335 (CLOUDFLAR...)
4 35.241.3.184 396982 (GOOGLE-CL...)
1 2600:1901:0:5... 396982 (GOOGLE-CL...)
2 2600:1901:0:2... 15169 (GOOGLE)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
86 24
Apex Domain
Subdomains
Transfer
22 supreme.tools
lplandmedia.supreme.tools
4 MB
19 privateinternetaccess.com
www.privateinternetaccess.com — Cisco Umbrella Rank: 52935
assets-cms.privateinternetaccess.com — Cisco Umbrella Rank: 850082
291 KB
11 usercentrics.eu
api.usercentrics.eu — Cisco Umbrella Rank: 6958
app.usercentrics.eu — Cisco Umbrella Rank: 9433
aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 7282
graphql.usercentrics.eu — Cisco Umbrella Rank: 16311
19 KB
10 amazonaws.com
s3.eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
1 MB
9 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2404
ekr.zdassets.com — Cisco Umbrella Rank: 2905
225 KB
4 cyberghostvpn.com
assets.cyberghostvpn.com
83 KB
4 go2cloud.org
chameleonads.go2cloud.org
5 KB
3 zendesk.com
piavpnsupport.zendesk.com
1 KB
3 kapetracking.com
kapetracking.com — Cisco Umbrella Rank: 908206
930 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
181 KB
2 thrusteriu.com
www.thrusteriu.com
1 KB
2 disincorzu.com
www.disincorzu.com
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
255 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1073
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
31 KB
86 19
Domain Requested by
22 lplandmedia.supreme.tools www.privateinternetaccess.com
16 www.privateinternetaccess.com 5 redirects www.privateinternetaccess.com
static.cloudflareinsights.com
8 static.zdassets.com www.privateinternetaccess.com
static.zdassets.com
7 s3-eu-west-1.amazonaws.com www.privateinternetaccess.com
6 api.usercentrics.eu s3.eu-west-1.amazonaws.com
4 assets.cyberghostvpn.com www.privateinternetaccess.com
4 chameleonads.go2cloud.org 4 redirects
3 piavpnsupport.zendesk.com static.zdassets.com
3 kapetracking.com lplandmedia.supreme.tools
3 assets-cms.privateinternetaccess.com www.privateinternetaccess.com
3 s3.eu-west-1.amazonaws.com www.privateinternetaccess.com
s3.eu-west-1.amazonaws.com
2 graphql.usercentrics.eu s3.eu-west-1.amazonaws.com
2 aggregator.service.usercentrics.eu s3.eu-west-1.amazonaws.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.privateinternetaccess.com
www.googletagmanager.com
2 www.thrusteriu.com 2 redirects
2 www.disincorzu.com 2 redirects
1 app.usercentrics.eu
1 www.google.de www.privateinternetaccess.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 ekr.zdassets.com static.zdassets.com
1 static.cloudflareinsights.com www.privateinternetaccess.com
1 cdnjs.cloudflare.com www.privateinternetaccess.com
1 code.jquery.com www.privateinternetaccess.com
86 25

This site contains no links.

Subject Issuer Validity Valid
*.privateinternetaccess.com
Go Daddy Secure Certificate Authority - G2
2024-01-05 -
2025-02-05
a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01
2024-01-31 -
2025-01-15
a year crt.sh
zdassets.com
E1
2024-05-01 -
2024-07-30
3 months crt.sh
*.google-analytics.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
supreme.tools
E1
2024-06-01 -
2024-08-30
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.cyberghostvpn.com
Go Daddy Secure Certificate Authority - G2
2024-01-08 -
2025-01-08
a year crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-05-08 -
2024-08-06
3 months crt.sh
*.kapetracking.com
R11
2024-06-08 -
2024-09-06
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.google.de
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
api.usercentrics.eu
WR3
2024-06-02 -
2024-08-31
3 months crt.sh
piavpnsupport.zendesk.com
Cloudflare Inc ECC CA-3
2023-08-04 -
2024-08-02
a year crt.sh
app.usercentrics.eu
GTS CA 1D4
2024-06-04 -
2024-09-02
3 months crt.sh
aggregator.service.usercentrics.eu
WR3
2024-05-14 -
2024-08-12
3 months crt.sh
graphql.usercentrics.eu
WR3
2024-05-20 -
2024-08-18
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Frame ID: 236DD9426FCC839320007B5EA033BF8D
Requests: 70 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Frame ID: 5455CE18B4175205EDF299CA054BFC12
Requests: 9 HTTP requests in this frame

Frame: https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: BF65FA07A10F5E1E67296E58A8737E28
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Private Internet Access | Anonymous VPN Service Provider

Page URL History Show full URLs

  1. http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3... HTTP 307
    https://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3... HTTP 302
    https://www.thrusteriu.com/cmp/Q9C8LHWH/77G3B/?__rpt=0&__po=5472&__ptid=c41146c5d96745be82c1091b3a15179... HTTP 302
    https://chameleonads.go2cloud.org/aff_c?offer_id=6047&aff_id=5246&aff_click_id=2fc83d2e63044d02b26ef71ab61d34a... HTTP 302
    https://chameleonads.go2cloud.org/aff_r?offer_id=6047&aff_id=5246&url=https%3A%2F%2Fwww.privateinternetaccess.... HTTP 302
    https://www.privateinternetaccess.com/offer/gents_y3k0p0r?aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246 HTTP 302
    https://www.privateinternetaccess.com/en/offer/discount?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&af... HTTP 301
    https://www.privateinternetaccess.com/offer/discount?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_s... HTTP 307
    http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3... HTTP 302
    https://www.thrusteriu.com/cmp/Q9C8LHWH/77G3B/?__rpt=0&__po=5472&__ptid=d82691e0412e4a7a838a2aa8409efa1... HTTP 302
    https://chameleonads.go2cloud.org/aff_c?offer_id=6047&aff_id=5246&aff_click_id=47c108b09d3440ac966ee71cbe9d9d1... HTTP 302
    https://chameleonads.go2cloud.org/aff_r?offer_id=6047&aff_id=5246&url=https%3A%2F%2Fwww.privateinternetaccess.... HTTP 302
    https://www.privateinternetaccess.com/offer/gents_y3k0p0r?aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246 HTTP 302
    https://www.privateinternetaccess.com/en/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_su... HTTP 301
    https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

99 %
HTTPS

42 %
IPv6

19
Domains

25
Subdomains

24
IPs

5
Countries

5749 kB
Transfer

9216 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj==%7Cpc%7C1b9rqbo&sub3=p3yjawl3bqd0ztmvbtsvai92os9if18jzkmfkmszz20= HTTP 307
    https://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj==%7Cpc%7C1b9rqbo&sub3=p3yjawl3bqd0ztmvbtsvai92os9if18jzkmfkmszz20= HTTP 302
    https://www.thrusteriu.com/cmp/Q9C8LHWH/77G3B/?__rpt=0&__po=5472&__ptid=c41146c5d96745be82c1091b3a151794&__rpa=0&__rc=1&sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn%3D%3D%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj%3D%3D%7Cpc%7C1b9rqbo&sub3=p3yjawl3bqd0ztmvbtsvai92os9if18jzkmfkmszz20%3D&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://chameleonads.go2cloud.org/aff_c?offer_id=6047&aff_id=5246&aff_click_id=2fc83d2e63044d02b26ef71ab61d34aa&source=670490&aff_sub=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&aff_sub2=yp1f3%7Claecoaeypz5yqn%3D%3D%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj%3D%3D%7Cpc%7C1b9rqbo HTTP 302
    https://chameleonads.go2cloud.org/aff_r?offer_id=6047&aff_id=5246&url=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fgents_y3k0p0r%3Faff_click_id%3D10243016f64af26e0944522bdc6bb6%26aff_sub%3D5246&urlauth=423330715281998335119522031048 HTTP 302
    https://www.privateinternetaccess.com/offer/gents_y3k0p0r?aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246 HTTP 302
    https://www.privateinternetaccess.com/en/offer/discount?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen HTTP 301
    https://www.privateinternetaccess.com/offer/discount?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen HTTP 307
    http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj==%7Cpc%7C1b9rqbo&sub3=p3yjawl3bqd0ztmvbtsvai92os9if18jzkmfkmszz20= HTTP 302
    https://www.thrusteriu.com/cmp/Q9C8LHWH/77G3B/?__rpt=0&__po=5472&__ptid=d82691e0412e4a7a838a2aa8409efa12&__rpa=0&__rc=1&sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn%3D%3D%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj%3D%3D%7Cpc%7C1b9rqbo&sub3=p3yjawl3bqd0ztmvbtsvai92os9if18jzkmfkmszz20%3D&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://chameleonads.go2cloud.org/aff_c?offer_id=6047&aff_id=5246&aff_click_id=47c108b09d3440ac966ee71cbe9d9d17&source=670490&aff_sub=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&aff_sub2=yp1f3%7Claecoaeypz5yqn%3D%3D%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj%3D%3D%7Cpc%7C1b9rqbo HTTP 302
    https://chameleonads.go2cloud.org/aff_r?offer_id=6047&aff_id=5246&url=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fgents_y3k0p0r%3Faff_click_id%3D10243016f64af26e0944522bdc6bb6%26aff_sub%3D5246&urlauth=423330715281998335119522031048 HTTP 302
    https://www.privateinternetaccess.com/offer/gents_y3k0p0r?aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246 HTTP 302
    https://www.privateinternetaccess.com/en/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen HTTP 301
    https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request best
www.privateinternetaccess.com/offer/
Redirect Chain
  • http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj==%7Cpc%...
  • https://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj==%7Cpc...
  • https://www.thrusteriu.com/cmp/Q9C8LHWH/77G3B/?__rpt=0&__po=5472&__ptid=c41146c5d96745be82c1091b3a151794&__rpa=0&__rc=1&sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn%3D...
  • https://chameleonads.go2cloud.org/aff_c?offer_id=6047&aff_id=5246&aff_click_id=2fc83d2e63044d02b26ef71ab61d34aa&source=670490&aff_sub=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&aff_sub2=yp1f3%7Claec...
  • https://chameleonads.go2cloud.org/aff_r?offer_id=6047&aff_id=5246&url=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fgents_y3k0p0r%3Faff_click_id%3D10243016f64af26e0944522bdc6bb6%26aff_sub%3...
  • https://www.privateinternetaccess.com/offer/gents_y3k0p0r?aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246
  • https://www.privateinternetaccess.com/en/offer/discount?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
  • https://www.privateinternetaccess.com/offer/discount?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
  • http://www.disincorzu.com/2cs51mj9c/bncx479/?sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn==%7Cfsiv7%7Cljn48%7C2petr5u%7C94356%7C0000rfsiv7%7Cc%7Cdzy6pts0ns9ihj==%7Cpc%...
  • https://www.thrusteriu.com/cmp/Q9C8LHWH/77G3B/?__rpt=0&__po=5472&__ptid=d82691e0412e4a7a838a2aa8409efa12&__rpa=0&__rc=1&sub1=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&sub2=yp1f3%7Claecoaeypz5yqn%3D...
  • https://chameleonads.go2cloud.org/aff_c?offer_id=6047&aff_id=5246&aff_click_id=47c108b09d3440ac966ee71cbe9d9d17&source=670490&aff_sub=gfhgfhgfhghhjjhhjhjfhfgh_1f36678440fbd6f4&aff_sub2=yp1f3%7Claec...
  • https://chameleonads.go2cloud.org/aff_r?offer_id=6047&aff_id=5246&url=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fgents_y3k0p0r%3Faff_click_id%3D10243016f64af26e0944522bdc6bb6%26aff_sub%3...
  • https://www.privateinternetaccess.com/offer/gents_y3k0p0r?aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246
  • https://www.privateinternetaccess.com/en/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
  • https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
1 MB
142 KB
Document
General
Full URL
https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b8429cf8c9e11446088d5a8034ad674f4cd682fda9885c20c967d35f1d3b8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
899ba5dcdd44aca9-TXL
content-encoding
gzip
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 07:57:42 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-robots-tag
noindex, nofollow
x-xss-protection
0

Redirect headers

access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
899ba5dbcb09aca9-TXL
content-type
text/html
date
Wed, 26 Jun 2024 07:57:41 GMT
location
https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
x-frame-options
SAMEORIGIN
x-powered-by
PIA
usercentrics.js
s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/
573 KB
573 KB
Script
General
Full URL
https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.218.91.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c29c30f05a67a3c5528f5e1c1ac9531f34485ef08b8f8453c56dafa456009f09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
yWI6Z06oTZZ4zRfelPs8jYIon0ws2y_O
Last-Modified
Wed, 19 Jun 2024 12:23:47 GMT
Server
AmazonS3
x-amz-request-id
XJJ2TBRBH3W3FA6Z
ETag
"56d447ec652096877384b25c7277f7a5"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
586613
x-amz-id-2
Mdz4HDuSAMJE8AXBCGN6XEDt6vquMch+LSzx+5BVFSGznUb0dh3cZRh0eI0gtLzyxQCtcHioi98=
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=ca62a9b8-af87-471f-b92b-16306ac7cc3f
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1SNRDKSERGJV6VMK
age
50
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
uO6OXeT10Ei8gvkgOYk8GqfEKBgU7iMX4A03NuTET0/d9Yb+OS6Oh3/QHx2K65hZcFaRBXdx7thPR5P7i7nBPQ==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUFMVmJ4Di4Me97%2FgO9ZGFdfGvLD6smKbjPHcQlzWFFtbSqZ96Bfr03gnRHSZKVrPnudNjjVtSYWuDIJVGEYyGP4hED04B7PXfQ1vOPbrLAi18l7wxWm5Xw9abS%2BRWKjTOHLFF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
899ba5e40a05bf20-WAW
access-control-allow-headers
*
js
www.googletagmanager.com/gtag/
208 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-26585402-1
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcb2668cfa4cb00b60b8aa603581d9cfedd16717799d73dcf45ca25b69ae4d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76708
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 07:57:42 GMT
bootstrap.min.js
www.privateinternetaccess.com/offer/assets/scripts/bootstrap/
77 KB
22 KB
Script
General
Full URL
https://www.privateinternetaccess.com/offer/assets/scripts/bootstrap/bootstrap.min.js?v3
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f27c2a51f4f713efda3881de03697fdce7a5022874d94d5256e106e0322d598
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 15:01:32 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
4705349
etag
W/"13367-18d5ae3c0e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
899ba5e48c6faca9-TXL
alt-svc
h3=":443"; ma=86400
navbar-hp.js
www.privateinternetaccess.com/offer/assets/scripts/core/
1 KB
629 B
Script
General
Full URL
https://www.privateinternetaccess.com/offer/assets/scripts/core/navbar-hp.js?v2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PIA
Resource Hash
3f0c3501e9f7905c7593e9494d8afe6a9f33b10cbfa644937aae928f818c0080
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
4701402
cf-polished
origSize=1569
x-powered-by
PIA
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 24 Nov 2023 08:31:03 GMT
server
cloudflare
etag
W/"621-18c00742d58"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
SAMEORIGIN
cf-ray
899ba5e49c73aca9-TXL
access-control-allow-headers
Content-Type, X-Requested-With
pia_new_logo-desktop_dark_v2.svg
lplandmedia.supreme.tools/privateland/logos/pia/
17 KB
6 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/logos/pia/pia_new_logo-desktop_dark_v2.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358fe265580661382266638d2e3eed6f32b83742bcbc109e7502ea165eb09a76

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
GzVCuPoY9CRU7jg.WubPzjb.DWUSkTiw
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
QJPAR0WHXVZK5X29
age
286
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UYOG7h1xyDhDkwcV7Gc7ZCBfgKTSGn7a3DdSJxoGRlAIH/6pyuPFCZE/LWIyfn3cm6a/0iCq68w=
last-modified
Tue, 25 Jan 2022 17:01:43 GMT
server
cloudflare
etag
W/"e04a4c5d912529fc13dbf83f00a56ac2"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e3aee544f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
pia_new_logo-desktop_white_v2.svg
lplandmedia.supreme.tools/privateland/logos/pia/
17 KB
6 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/logos/pia/pia_new_logo-desktop_white_v2.svg?v3
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8363aa35fa4e039e1a1cc71217d5136f4153bba974d1fca4bd2d742d990347d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
I_pdrAentdikhWOzMVMENG1S2Araa8z5
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
D94ABZNXGFZRJXH1
age
286
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1hreW7svcXkYj8xWM7b7RAVpOwB6ngGba6l8hrT7jS/XmFLk8PX/4qcKVystHCXFmUzeD7GTAgE=
last-modified
Wed, 30 Jun 2021 10:11:04 GMT
server
cloudflare
etag
W/"af9e9a8b449a2159329c1de4d801ebd7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e3aeea44f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
open_globe.svg
lplandmedia.supreme.tools/privateland/misc/
971 B
915 B
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/misc/open_globe.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f23c671e5a88e26fc666a274e43def2b2dca1acb2160f3a6321d43ca62a3049

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
hDJOy4fXMXRuyoYFyr.TNgAv5WzDxM_U
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
H095S2AFD5BECF0P
age
286
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GxR1YEYCiUM8Kc9Ki0wsW46i32aNGXxPG0n2lFWW5QQsSxtqdc/lTvaa4dTTv+hUEXq+4kP5abM=
last-modified
Tue, 28 Dec 2021 13:31:06 GMT
server
cloudflare
etag
W/"b6908245aa1f7d647e8fc627012d429e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e41ff844f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
checkmark-blue.svg
lplandmedia.supreme.tools/privateland/misc/
1 KB
967 B
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/misc/checkmark-blue.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596a2f0882e4232f5661dc89dda825c56a40ef24b2218706582318844185c19a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
0k0W9TFZ6SXlpN0dt5gbDW0H.Rhh_.JI
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
P1GYC8Z7K6ZCZJ7T
age
1834
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wz/Hz0ZfoNcxChJpGPPscZhuH0W7JKTjUdfNA50C952qGV2B1MxWyLHfZWH55taa2ZyVy5iJK3U=
last-modified
Mon, 14 Jun 2021 12:30:51 GMT
server
cloudflare
etag
W/"e5cdb80c2c1a6ede25a69154fe623305"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4384d44f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
mobile_marker.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/
777 KB
580 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/mobile_marker.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b98404da01b3ec2e6326ff7f18b2e047270e54a2f4dde9f7bfe328bcc20d34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
uK9twDjWRhg9h_EcKrJkcYnHsFyqS9wh
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 05:35:31 GMT
server
cloudflare
x-amz-request-id
9HJPF024DRM399ND
etag
W/"c1616cb740f89e07ec2bb74c37ff1b72"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4992044f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MMqHMYsmw98a6pccCuHiAq8MNYUYUunkZ164L1JIgwYS8QkoegU4ijtzXn9bnGn8pEYfHkH2BrQ=
expires
Thu, 26 Jun 2025 07:57:42 GMT
trust-shield.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/
1 KB
1 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/trust-shield.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727918fe9e44ae0590e35f88e52707bbd58f2c957316220337fb023282b41bf4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
JJUAARWihYvVUppIIFAduJ411ZRa3xUH
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2024 07:41:35 GMT
server
cloudflare
x-amz-request-id
75GQKCRFT6A2BAAQ
etag
W/"ec1b64c5b21831e25cbe344f19abcbc0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4992444f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Eh3EMd42QYcIezwesq71dKpvcLWmFODsOe+vWJiRfDw1Nl3lhl3UN8MSol0tYrXYNf+SZZSrWNo=
expires
Thu, 26 Jun 2025 07:57:42 GMT
globe.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/
3 KB
2 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/globe.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67cdab40c4c4ff5be8549973179ef60b90bd7f06c4a3f92caf7ccb89ed9e82a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
9dBQJL4P2PezX2s63OFJyzh80cw5slmB
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jun 2024 07:41:35 GMT
server
cloudflare
x-amz-request-id
75GY6FP1EM2PRTR3
etag
W/"e7b89e25cf729d840055777b4d29cf10"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4992744f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eL3FAWFGXM8GpzjSyfv9o1QDLL1et74fKhpL69sB43Aq6kwJ9BLu6D3Ga2LDouI85yBlWlMO0rw=
expires
Thu, 26 Jun 2025 07:57:42 GMT
desktop.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/
2 KB
1 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/desktop.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014ab280f59a0828d8a39a1b3841fd99837d93ba04661ae984d2bab54f1df9f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
fw6KoyYSp0rbpODn62LMaCupWW78s71q
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2024 07:41:34 GMT
server
cloudflare
x-amz-request-id
75GP2YNP8YV0NFSN
etag
W/"b89cd33bc89fa14d18342c5f84bcaa4b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4992b44f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IikdruaahdaWYIxSDElgbZMNyHfOMJ38cD6G22SeUQ6+sqADRBqNA2QqVyivGQhTgTNnUQBPaV8=
expires
Thu, 26 Jun 2025 07:57:42 GMT
devices.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/
31 KB
13 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/privacy-focused/devices.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56194caa48d3aa7345768f3c14d6aafe85ef568be6370128c80187313a874d59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
I1wOqqY7uMvZzbl4RcwaJjRc7GNDx7pn
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2024 09:07:17 GMT
server
cloudflare
x-amz-request-id
75GYA43C5J3FWKDN
etag
W/"6bb366137b342f6da81c7ca3543d94c8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4993144f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NtfCzAJZKJ5lrUn6+pDUvHoMgCy4CjJLm9BCH79W/yD5ZUaKig/wnYqXOYvWbMv2MtEhBlq4MN0=
expires
Thu, 26 Jun 2025 07:57:42 GMT
checkmark-green-solid.svg
lplandmedia.supreme.tools/privateland/misc/
234 B
534 B
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/misc/checkmark-green-solid.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce16310c8616d66f1a2586412979b73d1aa7c958fdf64db840b45c426fa4023f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
SL_8P9DR_29Cg8PJN54Hl3MqLBeW7jKj
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 11:34:08 GMT
server
cloudflare
x-amz-request-id
VF7MKD84WEA9H9K6
etag
W/"db67d6a686cada101308b17988ded6b0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4993a44f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sfV0Q5GH52l96NSy/aOcTos1kP+lcpXp6m4dgpG5JUBVlldVNZl/cd23re4LQ4s6ZvOPU2PsbCY=
expires
Thu, 26 Jun 2025 07:57:42 GMT
powerfull-encryption.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/digital-privacy/
699 KB
514 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/digital-privacy/powerfull-encryption.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268f1c5bb18b61db874b88fe3da448a3c55b412ca36ae6392b943ee6f59187c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
wcSEZZ4_29nUMXYk1eyMxqI69xMjOPvS
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Jun 2024 09:28:15 GMT
server
cloudflare
x-amz-request-id
75GNZWERAHB14S34
etag
W/"4cb064934ebd5a647059c9085e3ff9a4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4994144f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ndmmNV2Wx+mwZZpqMy9Vn0MXaQMkpUG1Nn6FirwPRqy/HVeamzt9G8P2hPsBTBF6RGkpYumP1fo=
expires
Thu, 26 Jun 2025 07:57:42 GMT
kill-switch.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/digital-privacy/
485 KB
345 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/digital-privacy/kill-switch.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db219730986ff45549d559e07e288255362f98a800109d439dbc25e70f6cea15

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
Fksady9OcnILtHsbdEFb5XmWqgActrze
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Jun 2024 09:28:14 GMT
server
cloudflare
x-amz-request-id
75GZMSQK7RGXCEHV
etag
W/"e302d6058f571b042448d156c5d0b56f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4994344f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M0pIR3HHWmdf6pocEwS+Gh4/q2OfEUaHDgaPWhsVlg30Wz+kCRgzuAdGDh1tyUF58bAYpDeIAjg=
expires
Thu, 26 Jun 2025 07:57:42 GMT
encryption.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/digital-privacy/
1 MB
1 MB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/digital-privacy/encryption.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0def1f616c8bdd2786cc25c33c01af2b6fb094160ad40fa3f18554e8e0b4e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
BlxID8WkFHct6ESW1LK7UdRi8iY.xUVy
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Jun 2024 09:28:13 GMT
server
cloudflare
x-amz-request-id
75GZQ7RGVZEB1FWD
etag
W/"c0410becaf828ac7bcff98654589d4ed"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4994544f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
+0c6+AIhWloJ0/dqRUaR3gJRBc3tdlrn0UzVPYrWFoYpWUdKxwUjbqMjQ+VU5NLBkbD81HKdUJs=
expires
Thu, 26 Jun 2025 07:57:42 GMT
devices.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
447 KB
332 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/devices.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0240cacc7fa47d24b290671b3ef6f1b8d1909d1ac80755cc77fc619b2bf38b99

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
1bCNVcI6MbG0n8wsGBFnmc3K0fidqIUR
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Jun 2024 08:15:36 GMT
server
cloudflare
x-amz-request-id
75GPTK6WY83ZB4Q2
etag
W/"1a0f7e53bcbb8bd8639e85b57cdd20bf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4994844f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2cP7oiGCorsbsRAWjqI/Yuk6s9Kf1WrugAtFMISQXDf2yO4RMThoUx3LilLnRKWbTt1FU2RpV9A=
expires
Thu, 26 Jun 2025 07:57:42 GMT
streaming.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
117 KB
60 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/streaming.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
218dc51539d7473febec6a9bf99efb2beeda7df0e35dfc681f2739da2c1a2f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
AHjAFHG8IQAtSDXl7fsjXkznOjQam7_2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Jun 2024 08:15:35 GMT
server
cloudflare
x-amz-request-id
75GP5Q42KHZG7XSJ
etag
W/"f6021c04e1e1ad49699075c0cd8329c5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4994c44f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Rx9exqAPouaZfFthEk1aY6DRIs6rADG6z5/1gBh/ZnPftTBVOFtu/gOgCf1ZUe6PgwjKkIJwYmY=
expires
Thu, 26 Jun 2025 07:57:42 GMT
gaming.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
608 KB
452 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/gaming.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a91ae3a91862459209c0bf4556c01858a6b1d9e1c277d34581f63eaf675fc08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
mPG9nyr.Gm6XX4FuapfmK1CkhHqBul89
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Jun 2024 08:15:35 GMT
server
cloudflare
x-amz-request-id
3TTP97709VB19HE3
etag
W/"6f5216deb233e756b8a55b353ecec089"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4994f44f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
obFzKHs/p66/5Yao1A1Hpw/CnhC1eJQOMUhuN+OrNvE2naPafoQ5XSWhHvu4Fua4Yv+UrRPM+uI=
expires
Thu, 26 Jun 2025 07:57:42 GMT
smart.svg
lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
358 KB
266 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/smart.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499fc24435679a5a62b9210e707a9ec2f5e2c5acad584ebb67565db53110fd87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
T.WiDr8bqFeFKjwLcsViQYV.BI0KfT1B
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Jun 2024 08:15:35 GMT
server
cloudflare
x-amz-request-id
3TTZKSP05DEQADZN
etag
W/"aa5c7aeebd992581b621d17dba2d7d06"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4995144f8-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6r6rqpHVahsW3SEnFbXaX2qzjXmJWSw9jsRMHOzCnjkmfQ+Ah+yS4cQbMEzDb1bjEFmKPg+9LW4=
expires
Thu, 26 Jun 2025 07:57:42 GMT
5_stars_logo.svg
lplandmedia.supreme.tools/privateland/trustpilot/
816 B
669 B
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/trustpilot/5_stars_logo.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
701914ca1420ee606163469259dda514df62ad5d849a8a95a805320f70bbbfab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
ES04NqmtxU1.yZxVe.dAD1P_fCKqqbBv
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YSSYWD052Y6KB8ZJ
age
286
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IYPjJvfAY1gKahslN531nARnAjXgqiLqK3nq0yMcPRhZSYBxV0NagWSXspm9HgQGz9dCdhSF71k=
last-modified
Fri, 03 Nov 2023 08:56:29 GMT
server
cloudflare
etag
W/"db09ee68dfbeac4ddb613d40607d049d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4995444f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
trustpilot_logo.svg
lplandmedia.supreme.tools/privateland/trustpilot/
4 KB
2 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/trustpilot/trustpilot_logo.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d481ab28534bc2f72a31f951bf67e9cef033d8c8f7c7b06cc26950eef73a9644

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
fN2jzQxkoOwrDUhufM1X9EOU1D0RxrY0
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
6RMFJ85VKE2STGAT
age
4712814
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5bHCZ+zv7J5pTIQKZrZxEiNP+t7FPCMEc/+RHHBGcolHBNmwYDRp/fwuDo/B6Rjdfv6LtjP0CgU=
last-modified
Wed, 28 Apr 2021 06:49:18 GMT
server
cloudflare
etag
W/"3984e87702d28336c164aa50189a2707"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31622400
cf-ray
899ba5e4995944f8-TXL
expires
Fri, 27 Jun 2025 07:57:42 GMT
trustpilot_logo_white.svg
lplandmedia.supreme.tools/privateland/trustpilot/
4 KB
2 KB
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/trustpilot/trustpilot_logo_white.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdef46dc1bc1603e4569a5095199090523e7235f42abb44b55316576684cf8e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
rNBCipO8g6ZYXIuc2OtET0MCaoQdl3.Y
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
MHK7G33YDJDFK9KF
age
286
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1+lxc1jinQLkXS+YeUyR4irURZjTqPqb/46Y21+S8lZ/y49D+qIEzeQ4BJq8Xx7enXwkj0+u01g=
last-modified
Wed, 19 Oct 2022 20:35:47 GMT
server
cloudflare
etag
W/"b2290662004141e935e8f742a036a7cf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4995b44f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
profile.svg
lplandmedia.supreme.tools/privateland/trustpilot/
830 B
755 B
Image
General
Full URL
https://lplandmedia.supreme.tools/privateland/trustpilot/profile.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8ae6e584e047445f5c419d09c59d3fbcc59ae70385860daacc5fd711717773

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
VZVnvHMrrAIlb.W27EUXkAAH7edGvmgn
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
WS9NQW93THVN9QF0
age
286
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sz4udAUt9S6NEui9g8hfCxPVatqZ10iGiTL5JL+RSF0xflAnDxlRbQ9MB3CBjERGwoqtSB1wg4Q=
last-modified
Tue, 01 Jun 2021 11:25:19 GMT
server
cloudflare
etag
W/"01a9a0b73bda906c016beb112ab30159"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4995f44f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
jquery-3.6.1.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5244853
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-cph2320054-CPH
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719388663.596793,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
42, 62385
ouibounce.min.js
cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.12/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.12/ouibounce.min.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
36685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
665
last-modified
Mon, 04 May 2020 16:13:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f3f-658"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dCVqRslmaVgqp47ztsuwLzrM2zsaCHxGzkMtNgwMHyy1R99w%2FLZBJ%2FWtKdqj7cYrIq5%2FdXy0SlsM6ot7myf4Vjw1eAr7aB5nh7ESRe0XyT9y0umYlYk8OlyBuC8V4Rnf0m0TmsvN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
899ba5e4dbe99737-FRA
expires
Mon, 16 Jun 2025 07:57:42 GMT
countdown.js
assets.cyberghostvpn.com/js/front/blocks/
5 KB
2 KB
Script
General
Full URL
https://assets.cyberghostvpn.com/js/front/blocks/countdown.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f8dd6a39fbabc9e4d3ce898c7a23eae961924e23a30a758545a96b8a9bac9a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
tI4XnlmfS4D52m0rcCB.mNqAuWCLG1sP
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DCNX6P7DMJK1FSQ2
age
3778
cf-polished
origSize=7568
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OXnDQ0YLFRCNmF5G/mfx5rRqonP8lBS4Vtj4rQTGSqP5pj1URHOnV7Q5uxIj/r0s2X0/MkHOwS0=
cf-bgj
minify
last-modified
Thu, 06 Jun 2024 11:04:31 GMT
server
cloudflare
etag
W/"a5646c07d0370d39f18d06fe094bb03a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
899ba5e54f24bb53-FRA
expires
Thu, 26 Jun 2025 07:57:42 GMT
icon-lock.svg
assets-cms.privateinternetaccess.com/photos/shares/campaigns/valentine2023/exit-intent/
1 KB
997 B
Image
General
Full URL
https://assets-cms.privateinternetaccess.com/photos/shares/campaigns/valentine2023/exit-intent/icon-lock.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b8e93f69ae6fca1b4c604b45881695f92187f378579859fdf86f4cf694ef483
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
5nqzMEuJy38fTFTAMGOvH22pXbHeudIP
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
2S8SWC3ZNZQPNMWX
age
23785
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
a5gUebhgdK4W4i1OY0u2sBFWkILhUrTUPoT4qb+9VJ6jTVr/Rzs9VdFqmb920MfFfaH5NpgNCafzCowecH4KhQ==
last-modified
Fri, 03 Feb 2023 09:11:55 GMT
server
cloudflare
etag
W/"23edaad4a7ac6602177f77cfe279ed63"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4bcc4aca9-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
grey-shield.svg
assets-cms.privateinternetaccess.com/photos/shares/campaigns/spring24/
1 KB
1 KB
Image
General
Full URL
https://assets-cms.privateinternetaccess.com/photos/shares/campaigns/spring24/grey-shield.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88bdc49299d48676034acabc44f507d820f15bf330fb278328ef2b3edda4123
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
Qpe.vhp_nBrw_BidbZITs6uSwyYvCWmq
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
N9ER41RPRYVDJ5Y9
age
37872
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Yl1E3RmYUvBSlCLJKJvqniZ7UEkDZjigsx5dt5epYwruhxXCzGkzhZXekanC0XCQLrYKAdYgCPc=
last-modified
Tue, 12 Mar 2024 10:33:48 GMT
server
cloudflare
etag
W/"55295933e410764f59a58602763c2d18"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
899ba5e4bcccaca9-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
899ba5e5397a2c32-FRA
ca62a9b8-af87-471f-b92b-16306ac7cc3f
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/ca62a9b8-af87-471f-b92b-16306ac7cc3f
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ca62a9b8-af87-471f-b92b-16306ac7cc3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b781c2eea0df1426f304c0ac1eca5107ffaaf91a3c42012d4bc7ce296aa7cf02
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
11
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
895bcbc7c9d18aab-SEA, 895bcbc7c9d18aab-SEA
x-runtime
0.012569
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b781c2eea0df1426f304c0ac1eca5107"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnQK7NKT4FtvoCbMEmbL4ps%2Bqrfm2%2B%2B0cZV2WvZ9yUx4gOKYwmNPIZev2dno1Ke8UhMQIPtTTBzA7zmx56oe%2BHi5JsJW3JcibvaGaednt4TD6%2FzKbe%2BUhvDXYuK2uHmLLj4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
899ba5e54e1ec3d1-WAW
alooma-latest.min.js
lplandmedia.supreme.tools/scripts/
37 KB
12 KB
Script
General
Full URL
https://lplandmedia.supreme.tools/scripts/alooma-latest.min.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b6f48f6b25bd59a2eb5b418227ddf88bd2379329dabcb290190b6565301a73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
ddEAxbxejJ0m_AB5pWPp9C2PM6k2Px_Y
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1TGJ21NEXE5E0W87
age
2438
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kvv3vBIpOKHtQb4AeOvWR6oKxbQt9IqDiynEs/1FXNtxnRlZeaDB9TrHTFnJNqo7ZS37DuF6c6Y=
last-modified
Wed, 04 Oct 2023 14:30:34 GMT
server
cloudflare
etag
W/"7c70cb8917a22566889a5fe86e9228ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
899ba5e4996244f8-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
background_desktop_circle.svg
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/
5 KB
6 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/background_desktop_circle.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
73a7577ead6f012f5bc244f813047f81b238e9c504b122eda4df5d3121b5ee2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
Gy5btmE3Z9c_6wz0pPZVuOveNBDDlqfr
Last-Modified
Fri, 29 Sep 2023 13:38:29 GMT
Server
AmazonS3
x-amz-request-id
XJJ81MZEN6DKGKYW
ETag
"5915a75c0b9d10f9df66bb97ae50fe94"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
5246
x-amz-id-2
VXyAC5Cog8kH7l3f7kVNllPcLjh6fUczoaqFKASlW3BFEKYG3HqUqUvOJGScrtaThnqQh8NfKrU=
flags.png
assets-cms.privateinternetaccess.com/img/frontend/pia/
74 KB
74 KB
Image
General
Full URL
https://assets-cms.privateinternetaccess.com/img/frontend/pia/flags.png
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c131aef25f72113f069c5266fd8498b939cc30a8af151afbfd791b4083c7188c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
ryqlMzsGxMVjDbJSAP2WzPFA_iZzjiWc
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
YG6VCRRZD2PRDH6W
cf-polished
origFmt=png, origSize=97164
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="flags.webp"
alt-svc
h3=":443"; ma=86400
content-length
75736
x-amz-id-2
m1CaUn8op/PgKTvvKrjnelgx192zFGc/zAMrFMjHz6X7qkUtztZqB5bd0MWddn0Cc4W9kqV0Wmc=
cf-bgj
imgq:85,h2pri
last-modified
Thu, 20 Jun 2024 08:56:13 GMT
server
cloudflare
etag
"bd5ab174064647c80e9e8d94055b61b4"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
899ba5e4bcd2aca9-TXL
expires
Thu, 26 Jun 2025 07:57:42 GMT
BalooTamma2-Regular.woff2
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/
126 KB
126 KB
Font
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/BalooTamma2-Regular.woff2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7e5c036f7618b33fdf3515463d35c4767a03c31e31f2fb8c6db40bb753248359

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
u7a0kwwuAa7DJts20XHe9U5AEalQ8cFw
Last-Modified
Mon, 14 Jun 2021 08:25:55 GMT
Server
AmazonS3
x-amz-request-id
XJJ1D771G9JP9KHN
ETag
"8ec3bec1d70191aac78a13b1c99b51a5"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
128516
x-amz-id-2
LeqR6W5iVIncrUEmIDtnewec3KyFX45SI74SdsXPeTFisKz8rw//v9Qzfw68qZXJynMcY9bxa2o=
BalooTamma2-Medium.woff2
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/
131 KB
132 KB
Font
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/BalooTamma2-Medium.woff2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9c65ae055ca38279199860272550858f891db0fa22c3e47b42878e94f524dfa3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
aKtgbYi6PhPx3jSreX1In1KFvpbvMf2s
Last-Modified
Mon, 14 Jun 2021 08:25:57 GMT
Server
AmazonS3
x-amz-request-id
XJJ386HMANKHSMBE
ETag
"14e49685f2059cfba218f09a08472251"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
134600
x-amz-id-2
wMUkgzmq0ldnStZwLZeKkYf/8eQNIUJtd+MQFmiUaqbUYjCIYUOJTD+Q82Z9KjT428RGvLQXP20=
/
kapetracking.com/jssdk/track/
37 B
310 B
XHR
General
Full URL
https://kapetracking.com/jssdk/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL3d3dy5wcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tL29mZmVyL2Jlc3Q%2FY291cG9uPTJZMk0mYWZmX2NsaWNrX2lkPTEwMjQzMDE2ZjY0YWYyNmUwOTQ0NTIyYmRjNmJiNiZhZmZfc3ViPTUyNDYmbm9Gb3JjZUNvbmRpdGlvbj10cnVlJmFmZl9pZD0yMjYzOCZzb3VyY2U9Z2VuIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDEyNiwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIxLjAuMCIsImRpc3RpbmN0X2lkIjogIjE5MDUzOGNlYjU4N2I0LTAyYTEzOTdiODdlOGU2LTI2MDAxZjUxLTFkNGMwMC0xOTA1MzhjZWI1YTZjYyIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogImh0dHBzOi8vd3d3LnByaXZhdGVpbnRlcm5ldGFjY2Vzcy5jb20vb2ZmZXIvYmVzdD9jb3Vwb249MlkyTSZhZmZfY2xpY2tfaWQ9MTAyNDMwMTZmNjRhZjI2ZTA5NDQ1MjJiZGM2YmI2JmFmZl9zdWI9NTI0NiZub0ZvcmNlQ29uZGl0aW9uPXRydWUmYWZmX2lkPTIyNjM4JnNvdXJjZT1nZW4iLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICJVSEpwZG1GMFpTQkpiblJsY201bGRDQkJZMk5sYzNNPSJ9fQ%3D%3D&ip=1&_=1719388662626
Requested by
Host: lplandmedia.supreme.tools
URL: https://lplandmedia.supreme.tools/scripts/alooma-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.55.107.35 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
ddac080d809de7b1c2155d049ddb61669d094b0dd9e430a88a3f5f3e20462e89
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"25-gVIY72+Fb3As5bt9jt3TAhX3JGY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.privateinternetaccess.com
access-control-allow-credentials
true
content-length
37
right-enabled.svg
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
845 B
1 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/right-enabled.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b83588d8211aa8da1fb2f993db71e28b5e39e6772def78dd1c805e76298234f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
O1jrTs.cfH92Kd5nECAMJ2mAuph08ZMe
Last-Modified
Mon, 17 Jun 2024 13:15:26 GMT
Server
AmazonS3
x-amz-request-id
XJJF1FQBSJZV6QVT
ETag
"7838015db4b4a7634bf7eb8e4e196c92"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
845
x-amz-id-2
gOD3pju0tA6ekgrkRjkmQAD0EhqGAhU3czbzYoSwWp0J/wDZFYtoGnnpVpdDE2fV5Uf3QTTnPhA=
left-enabled.svg
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
945 B
1 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/left-enabled.svg
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0fd967164524ebe8c0ffd96573d9b80c4f4e7674fd9e28edbfc01e9af1752f96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
LMkMmNg1ql4JcvaWbExRMRi9r.01CUvF
Last-Modified
Mon, 17 Jun 2024 13:15:25 GMT
Server
AmazonS3
x-amz-request-id
XJJ0T95F0RNZT8BC
ETag
"206231000a79a5de8406dde27fb10c0f"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
945
x-amz-id-2
+wppu35VUOyXMG1c8ZKitLe/u4uhJB/hYYNYapS54n3JR4qXbG9bZpPaheuje9HWlquXA7+/1N0=
BalooTamma2-SemiBold.woff2
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/
137 KB
137 KB
Font
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/fonts/BalooTamma2/BalooTamma2-SemiBold.woff2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0042b39f17016ced3c706b3239483b7b2350efc5c8b9aaf93422ff1f3f40cd0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
HcW_KesI.IVg1VrSPy9K6wf3yD4_e7Ss
Last-Modified
Mon, 14 Jun 2021 08:26:22 GMT
Server
AmazonS3
x-amz-request-id
XJJDPPVCBXDAXE8T
ETag
"3998fe0bd286c51cb4028bd96cb4af81"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
140232
x-amz-id-2
k8VSCk9VyYzaJbF6broJ/KeL+089Newg5cV2jpTECv/nOLxnLjVl+gob4NGcfZEL86gtgZ5kRHY=
baloo-tamma-2-v2-latin-regular-D5DjQtQC.woff2
assets.cyberghostvpn.com/dist/fonts/
26 KB
27 KB
Font
General
Full URL
https://assets.cyberghostvpn.com/dist/fonts/baloo-tamma-2-v2-latin-regular-D5DjQtQC.woff2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.0.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb92dda108173f231da629cb244f327692909bd3d10987c52c09b9486d73272

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
wIwo47CYcLInIFhhQEMB6oxyQfNJDhQW
cf-cache-status
HIT
x-amz-request-id
P4BBE37XDDBJSA33
age
4434
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
26800
x-amz-id-2
boAborHRnMnNqKkiBEJkPHheOXWs2d+8/uNgOCOu03DhmE6eKqQ1C2rgjE6XtCxOG41rNpNfv1n9XX5Nb3ndIyKxTItBTd/S
last-modified
Thu, 20 Jun 2024 08:56:45 GMT
server
cloudflare
etag
"ed110c63f2108f645c07e850957d3052"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
899ba5e6ddd465d3-FRA
expires
Thu, 26 Jun 2025 07:57:42 GMT
baloo-tamma-2-v2-latin-500-Ds7bax5B.woff2
assets.cyberghostvpn.com/dist/fonts/
26 KB
27 KB
Font
General
Full URL
https://assets.cyberghostvpn.com/dist/fonts/baloo-tamma-2-v2-latin-500-Ds7bax5B.woff2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.0.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596c49497f1d334c467fa9d6bde8f2aa3e05f72ae6aeec4db7b6c45704889da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
tfGvSrfqM2IifHI.MSRgrzI97J0ygPHO
cf-cache-status
HIT
x-amz-request-id
P471FJHTWJEJ3KM8
age
4434
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
27072
x-amz-id-2
JVZBXwOxixFUnf1D86ZGCpF2or69AnkhQ0XbPmlQdhLuHyBTYdvrkCtH/7WlG2SmwREoZv4/WWY=
last-modified
Thu, 06 Jun 2024 11:04:28 GMT
server
cloudflare
etag
"b261b5155c8cfcca32f1cbc270a5dace"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
899ba5e6ddd165d3-FRA
expires
Thu, 26 Jun 2025 07:57:42 GMT
baloo-tamma-2-v2-latin-600-ChTzULYr.woff2
assets.cyberghostvpn.com/dist/fonts/
27 KB
28 KB
Font
General
Full URL
https://assets.cyberghostvpn.com/dist/fonts/baloo-tamma-2-v2-latin-600-ChTzULYr.woff2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.0.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896c08e4b8cba9335b9ccce3a76a954b0ccc579004ee0067df717e7d948f9ba6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:42 GMT
x-amz-version-id
lsjcJUkqPI5PlnDoHMSYErfOpsSLmw11
cf-cache-status
HIT
x-amz-request-id
P47A8Y05P9V3GTEN
age
4434
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
27672
x-amz-id-2
dwxzwO3EnRtZ9a+D6N/IrxXOAlPF1QNKN2nNFXnnOd5UfXJs2HIKenB96NBSh3H5gDwq13K6Ocw=
last-modified
Thu, 06 Jun 2024 11:04:28 GMT
server
cloudflare
etag
"253788680d352b84ea419c57a658379f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
899ba5e6ddcf65d3-FRA
expires
Thu, 26 Jun 2025 07:57:42 GMT
js
www.googletagmanager.com/gtag/
353 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CP12RMHK09&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26585402-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f323ccf7437face1661afb3763b673906b3ce06c03bc7973a0e86742b289ac19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108507
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 07:57:43 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26585402-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Jun 2024 06:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5316
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 26 Jun 2024 08:29:07 GMT
0.usercentrics.js
s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/
213 KB
214 KB
Script
General
Full URL
https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/0.usercentrics.js
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.218.91.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec4b3914b698cfda4274f07db9663ce172e088d0a4fee1bcc2c46304ae630d1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
4vwee4C_D6xCQXuwbFY6KSceV2TZ7jmU
Last-Modified
Wed, 19 Jun 2024 12:23:46 GMT
Server
AmazonS3
x-amz-request-id
GHZAB4CA1GXEB0GB
ETag
"a702750ca785236e3e10f688311223d0"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
218333
x-amz-id-2
/TfRVKELvsV0BwmuVTCWXdhhExnRTwEjFjHIdXE9El3AzF4+4C1XS30Q4bvVreeRQg+Bo/AR364=
web-widget-main-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame 5455
466 KB
143 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ca62a9b8-af87-471f-b92b-16306ac7cc3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3442982a2802fbd2ff9af5791efaaed5e7547e92d8b7c8a87a548af5e7b646
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:43 GMT
x-amz-version-id
ezAjB0k3wqJKTsxVNeX4PL.m4o.reOlk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZHRVTXYNW1JF51
age
128880
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
8gmQgMMF5M4jXVxARcek0wpezHt3LWf5SZK58qEcificCpJw7L+AWs8hEaSYL2e7J0fXXZAVe8Q=
last-modified
Tue, 18 Jun 2024 12:04:04 GMT
server
cloudflare
etag
W/"3a35ddf83ef1d75c127252e29d81bab1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPYeOpDFhuXK%2F8DYUQT2uW%2BZwmWivFRRQSQDyCyCINk%2F0GytJqVKp59y7q8Zs1x%2Bf58eeGgzYBJEw6VRVflbKYgpbPjo5Oh7R9ZVbze17pXPj6KeqE3n6e7V1fNa0XG17lGxV9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eb6ac8bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
main.js
www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame BF65
Redirect Chain
  • https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
8 KB
4 KB
Script
General
Full URL
https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93ebffdf1ec1c10723e77fd4d97e4a93a2cfcdd662c9697fce0884d49325a93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 07:57:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
899ba5ec8e13aca9-TXL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 26 Jun 2024 07:57:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
899ba5eb6bb8aca9-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
1 B
216 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=202292119&t=pageview&_s=1&dl=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fbest%3Fcoupon%3D2Y2M%26aff_click_id%3D10243016f64af26e0944522bdc6bb6%26aff_sub%3D5246%26noForceCondition%3Dtrue%26aff_id%3D22638%26source%3Dgen&ul=de-de&de=UTF-8&dt=Private%20Internet%20Access%20%7C%20Anonymous%20VPN%20Service%20Provider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1883401738&gjid=1668922430&cid=921804540.1719388664&tid=UA-26585402-1&_gid=1899523549.1719388664&_r=1&gtm=457e46o1za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1856155964
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:57:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.privateinternetaccess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CP12RMHK09&gtm=45je46o1v882146680za200&_p=1719388662451&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=921804540.1719388664&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719388663&sct=1&seg=0&dl=https%3A%2F%2Fwww.privateinternetaccess.com%2Foffer%2Fbest%3Fcoupon%3D2Y2M%26aff_click_id%3D10243016f64af26e0944522bdc6bb6%26aff_sub%3D5246%26noForceCondition%3Dtrue%26aff_id%3D22638%26source%3Dgen&dt=Private%20Internet%20Access%20%7C%20Anonymous%20VPN%20Service%20Provider&en=page_view&_fv=1&_ss=1&tfd=8164&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP12RMHK09&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:57:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.privateinternetaccess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CP12RMHK09&cid=921804540.1719388664&gtm=45je46o1v882146680za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP12RMHK09&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:57:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.privateinternetaccess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CP12RMHK09&cid=921804540.1719388664&gtm=45je46o1v882146680za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=744077524
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:57:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
languages.json
api.usercentrics.eu/settings/MPjVzXNil/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/MPjVzXNil/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.privateinternetaccess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 07:57:44 GMT
expires
Wed, 26 Jun 2024 07:57:44 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEBY
x-guploader-uploadid
ACJd0NqfQiS4X1EdN-ZBddFeHp4gyHA6BVE9Dz0TC9XTI3ckXTnoqk4kxnGjee7lcvt9D2h92A
languages.json
api.usercentrics.eu/settings/MPjVzXNil/latest/
336 B
669 B
Fetch
General
Full URL
https://api.usercentrics.eu/settings/MPjVzXNil/latest/languages.json
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9eb41151162df45fc4165fb69da9fb64e506fbd8f28c897e07aacecf884d711b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEBY
x-guploader-uploadid
ACJd0Nq-aXjvFwnXsOjSxfPU5lwuMEOg9dtInXPRCYnyojqcW5Auj_UX38hSKNab3zjYIfryKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
last-modified
Thu, 20 Jun 2024 06:20:02 GMT
server
UploadServer
etag
"229d8087a3b02b973de3f74345bbf72a"
vary
Accept-Encoding
x-goog-generation
1718864402131887
x-goog-hash
crc32c=/1Dtbg==, md5=Ip2Ah6OwK5c94/dDRbv3Kg==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
143
accept-ranges
bytes
content-type
application/json
expires
Wed, 26 Jun 2024 07:58:44 GMT
en-us-json-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 5455
20 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
4trfKxavXJB3vXVXSVn5tCELN5piGtTn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9YW761SVGRK5KYYV
age
669582
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
oAIEUu+JQcDV39xf3LtWk6cCsxJh6u2qrXC7Gibr9PA/OrxzyEVb7+EKXxnujlsPNUZnHhCNYSifJGRqQYDBi8+Ukienj7TF
last-modified
Tue, 18 Jun 2024 12:04:05 GMT
server
cloudflare
etag
W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Az0EeNQgHVB6PC1uObhS9q4lKdv8kdu8FWSITt4VUqaRrrICG6t47I74n8nP5AyRJc2LD0YOLsj1i%2BjUU4F52KXUhrnpb2FeR%2FO3vPIjCziBnSDqPgz9nCoTxd2hJkqhCHIiATA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eeae91bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:04 GMT
web-widget-4852-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame 5455
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
QZp0pqgwgOLAm66wA3VQ9gVEz8Ybtsiv
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZV4P9Q4NHX770P
age
669585
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
R3WfFqrMVnwOkGF0iQxvHxfYsUak4jC1lpPsLQMLwOD9bPilBWCHEdmwEnOZzzAOamIJVw3IKLLPuxnAuv4MZg==
last-modified
Tue, 18 Jun 2024 12:04:03 GMT
server
cloudflare
etag
W/"40fb729956c4a956df4256614af4b393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crPr9J7GTZYPcmH9B9CrnzRQOaNW8cJ8wxJ4cyGvERPZcYe7Ck96WPW6GasjsrbZtSiYLBIVKo0Hg2BDUORPAtNd%2FcPKWXHOUGF84%2FG4vj2VNx2D6lXVP0wxIsXsnF2d0yzD7Z8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eeae93bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
web-widget-9527-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame 5455
29 KB
11 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
YC.iV1Qc7b4qsSKn3k4whrbCNm5VQ30p
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZKD0QF64C110BK
age
669585
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4aiWw0dsM8t6qDNVBDJeOZSJesH63mQAw2uGlpPgOfbFqWRW+lqDsOlY89p9kLlbh1UeNuy2WNI=
last-modified
Tue, 18 Jun 2024 12:04:04 GMT
server
cloudflare
etag
W/"083d4fe56f4013855997ad6d21392f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mlvbrPWzzuo3Rjvr1p15Ns%2BNEX6etLYxQpCOKNNvyipo7PLPvWRhK37ruZGvjThdDP%2BLNPnI5YwwJBu%2BvpEzzV3Jt4kiiZYxyDKgCPa4RXkgWAM6Q%2FbryL1z%2B%2FUSRYzIq9NlM1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eeae96bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
web-widget-2306-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame 5455
14 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
0BlqScfhLkZs1UurnZbnaTRhBffbySzn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZVTW6W5JCBP52M
age
669585
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
H6e621JF2AeFn8udikW7C+4gi1O/at3B3doJo6bKqGnPZVds+4AJZOR7Q1EbbRYU3HVKbFE1KtE=
last-modified
Tue, 18 Jun 2024 12:04:03 GMT
server
cloudflare
etag
W/"1b2c14135523982db180c989ec11c5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbKWIxgrR9Q%2FNBGuBAn8SLIbblbuMX5J5%2Bapcg4%2BsZCZTFcP02c43dwBqANgbii5AjiFjuKFPtYyfdlbVRhCkkU4oe7l2VhKuLzX5FOFYSiYhTuXk2JEN%2FhnSHgZUA8dbWdiuoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eebea1bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
web-widget-5178-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame 5455
12 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
9clausNQsztvaXCilP4kz8ueMZ3QN1_Z
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZY8E844SBKPNEJ
age
669585
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
N2wzvotxmwEWYlumgmSZh57m654INoEArODDxg2X9YQ4TBUNLMaUARNfznmaFNUenCaM8XAR15sw9Y/x+ojm3g==
last-modified
Tue, 18 Jun 2024 12:04:03 GMT
server
cloudflare
etag
W/"7ea6a03ae546d28215fb61ff43d384ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daxGN%2BguK2DzN57Oe%2BSZIFX9%2FG9RYKtDZ9J8hrI3F25N3Go9lvKh5%2BeMAx%2BcXxJROq7d4KvvUbX8zEi7sUfuXIptixqPwtR6D0LFuAJTP%2BDIXiRJREVYcZ0DEDLbm4UYb0Z6EKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eebea6bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
web-widget-9535-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame 5455
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2533c8e2ab843fab73ebf949f41959aa93a9376019e8d9ec57fb79fdcfdd980
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-amz-version-id
R7BknJZOYNKRj1KPNatcq__rEfB6aKOB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZZPGYVWCPCAG69
age
669585
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Fi7br1VBbR4qyipQrdKdDbKB9sYgkyqu4AbtAYxFoZH40UmRf1YJIO2IZjCVhBA4DJTLXiK3ezQ=
last-modified
Tue, 18 Jun 2024 12:04:04 GMT
server
cloudflare
etag
W/"9fcec5882e8ed5ae7af4c4a36c84ba05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8JmaDvyVfYegH2dn9jIRh4iVJfGG0Fe8EHY6jTJEJ44nNRlpnF8DAmLsMpjyphtfBsSx%2BPrcSfBWs6NowkoPtV1sBqSZC9eRQYs4l1iRKw2Mac%2BUsCTqc3NqTBIzhYCHQuHDHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
899ba5eebea9bf20-WAW
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
899ba5dcdd44aca9
www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BF65
0
450 B
XHR
General
Full URL
https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/h/b/jsd/r/899ba5dcdd44aca9
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains
server
cloudflare
cf-ray
899ba5efedcdaca9-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
/
kapetracking.com/jssdk/track/
37 B
311 B
XHR
General
Full URL
https://kapetracking.com/jssdk/track/?data=eyJldmVudCI6ICJwYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL3d3dy5wcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tL29mZmVyL2Jlc3Q%2FY291cG9uPTJZMk0mYWZmX2NsaWNrX2lkPTEwMjQzMDE2ZjY0YWYyNmUwOTQ0NTIyYmRjNmJiNiZhZmZfc3ViPTUyNDYmbm9Gb3JjZUNvbmRpdGlvbj10cnVlJmFmZl9pZD0yMjYzOCZzb3VyY2U9Z2VuIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDEyNiwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIxLjAuMCIsImRpc3RpbmN0X2lkIjogIjE5MDUzOGNlYjU4N2I0LTAyYTEzOTdiODdlOGU2LTI2MDAxZjUxLTFkNGMwMC0xOTA1MzhjZWI1YTZjYyIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJsYW5nIjogImVuIiwicGFnZV92aWV3X2lkIjogIjN8cF9HWEgwOFZTOTNLNkE4VjdaQU8iLCJzcGxpdEN1cnJlbnRVcmwiOiB7Imhvc3QiOiAiaHR0cHM6Ly93d3cucHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbS9vZmZlci9iZXN0IiwicGFyYW1zIjogeyJjb3Vwb24iOiAiMlkyTSIsImFmZl9jbGlja19pZCI6ICIxMDI0MzAxNmY2NGFmMjZlMDk0NDUyMmJkYzZiYjYiLCJhZmZfc3ViIjogIjUyNDYiLCJub0ZvcmNlQ29uZGl0aW9uIjogInRydWUiLCJhZmZfaWQiOiAiMjI2MzgiLCJzb3VyY2UiOiAiZ2VuIiwiYWZmX3N1YjQiOiAiMlkyTSJ9fSwiaWQiOiAiMTQ2NiIsImlkX2VuIjogIiIsInRva2VuIjogIlVISnBkbUYwWlNCSmJuUmxjbTVsZENCQlkyTmxjM009In19&ip=1&_=1719388664301
Requested by
Host: lplandmedia.supreme.tools
URL: https://lplandmedia.supreme.tools/scripts/alooma-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.55.107.35 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
098113b914f3058accc533c345af25d1fafd1401a6942e990674d48632b32f7f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"25-SvY3moqXzUV02fJ0c+XnIZyj784"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.privateinternetaccess.com
access-control-allow-credentials
true
content-length
37
/
kapetracking.com/jssdk/track/
37 B
309 B
XHR
General
Full URL
https://kapetracking.com/jssdk/track/?data=eyJldmVudCI6ICJleHBlcmltZW50X3N0YXJ0ZWQiLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL3d3dy5wcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tL29mZmVyL2Jlc3Q%2FY291cG9uPTJZMk0mYWZmX2NsaWNrX2lkPTEwMjQzMDE2ZjY0YWYyNmUwOTQ0NTIyYmRjNmJiNiZhZmZfc3ViPTUyNDYmbm9Gb3JjZUNvbmRpdGlvbj10cnVlJmFmZl9pZD0yMjYzOCZzb3VyY2U9Z2VuIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDEyNiwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIxLjAuMCIsImRpc3RpbmN0X2lkIjogIjE5MDUzOGNlYjU4N2I0LTAyYTEzOTdiODdlOGU2LTI2MDAxZjUxLTFkNGMwMC0xOTA1MzhjZWI1YTZjYyIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJwYWdlX3ZpZXdfaWQiOiAiM3xwX0dYSDA4VlM5M0s2QThWN1pBTyIsImxhbmciOiAiZW4iLCJzcGxpdEN1cnJlbnRVcmwiOiB7Imhvc3QiOiAiaHR0cHM6Ly93d3cucHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbS9vZmZlci9iZXN0IiwicGFyYW1zIjogeyJjb3Vwb24iOiAiMlkyTSIsImFmZl9jbGlja19pZCI6ICIxMDI0MzAxNmY2NGFmMjZlMDk0NDUyMmJkYzZiYjYiLCJhZmZfc3ViIjogIjUyNDYiLCJub0ZvcmNlQ29uZGl0aW9uIjogInRydWUiLCJhZmZfaWQiOiAiMjI2MzgiLCJzb3VyY2UiOiAiZ2VuIiwiYWZmX3N1YjQiOiAiMlkyTSJ9fSwiZXhwZXJpbWVudElEIjogImJzdGNudG50IiwiZXhwZXJpbWVudE5hbWUiOiAiYnN0Y250bnQiLCJjaG9zZW5WYXJpYXRpb24iOiAidmFyaWF0aW9uX2JzdGNudG50IiwidG9rZW4iOiAiVUhKcGRtRjBaU0JKYm5SbGNtNWxkQ0JCWTJObGMzTT0ifX0%3D&ip=1&_=1719388664304
Requested by
Host: lplandmedia.supreme.tools
URL: https://lplandmedia.supreme.tools/scripts/alooma-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.55.107.35 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
e581ec32162a0e6901452d088502555c47fa6ee1ecde8649e6f19a4d16672538
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"25-oKGe/erVqiBMtWNvN0GetQavi4Y"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.privateinternetaccess.com
access-control-allow-credentials
true
content-length
37
rum
www.privateinternetaccess.com/cdn-cgi/
0
151 B
XHR
General
Full URL
https://www.privateinternetaccess.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.privateinternetaccess.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
899ba5f09f68aca9-TXL
pv
piavpnsupport.zendesk.com/frontendevents/ Frame 5455
0
0
Fetch
General
Full URL
https://piavpnsupport.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jun 2024 07:57:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Zx8N3F2Wuxq6oECiTlpcQ%2BdgqxofBuDkANZVRE6tbsbO%2B1bbxhTvzt2GdAvc5qBnFS6DVKalqstqIQKIyLcmoZynTJ%2BRjP5QRd%2Bnj7Lv%2F91USrHZnAmAyK%2F%2BGGr6AfqW%2FQdRd4brpdw7UM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
899ba5f50dcfbf28-WAW
content-length
0
x-request-id
899ba5f50dcfbf28-WAW
config
piavpnsupport.zendesk.com/embeddable/ Frame 5455
865 B
1 KB
Fetch
General
Full URL
https://piavpnsupport.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba7f0b86ddfca1d83fb4297256bca0c37de06273b2ff54ddd0974485525ae38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11
x-zendesk-origin-server
embeddable-app-server-7547d45677-2v6wb
x-cached
MISS
x-runtime
0.002557
last-modified
Wed, 26 Jun 2024 07:57:33 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8KgDRU4EzOc3HIKiuA6%2Frt%2Bv1RG5h5YOtohFAjGeLqLa4qatwxBuqtCYRrdXreOIaBgEDx8JYhJGQ7LUfevbqZnMkBsPl%2B3HGaK%2BXct6%2BD8fGcq37U7CeNAlqnBLFrOTcJgbhFa5Dao3X8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
899ba5f1c985bf28-WAW
en.json
api.usercentrics.eu/settings/MPjVzXNil/latest/
25 KB
7 KB
Fetch
General
Full URL
https://api.usercentrics.eu/settings/MPjVzXNil/latest/en.json
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f157f29e105984cdb1f06c2cee12168394848700ccc7d01283b0bcb0001beb08
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEMV
x-guploader-uploadid
ACJd0NoAEvQQ4KQCm4og6vzpNwiyVC33Ps6I6ob3bdCQUq13Wvf_kbTm7AWo-aWaBmGfAIIUQIc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7430
last-modified
Thu, 20 Jun 2024 06:20:01 GMT
server
UploadServer
etag
"97cd69a42b99468e53329924ca439db9"
vary
Accept-Encoding
x-goog-generation
1718864401517342
x-goog-hash
crc32c=kkXdOw==, md5=l81ppCuZRo5TMpkkykOduQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
7430
accept-ranges
bytes
content-type
application/json
expires
Wed, 26 Jun 2024 07:58:44 GMT
pv
piavpnsupport.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://piavpnsupport.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.privateinternetaccess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
899ba5f1c987bf28-WAW
date
Wed, 26 Jun 2024 07:57:45 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FK7KTxbYwMlJjsoARiTE8mUEBfTtIPtQwGaZhrno%2BPZG6taEXZHgVRtbSAKEb5AUgUIWW5HTGbdJ%2FL3t%2BPKRhtR8LNqHmOTo9uIhmHYEGG6XUM2ei0V58ZyVNSR21GQJ4f6jmEQPzXh%2BsTQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
899ba5f1c987bf28-WAW
x-zendesk-zorg
yes
en.json
api.usercentrics.eu/settings/MPjVzXNil/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/MPjVzXNil/latest/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.privateinternetaccess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 07:57:44 GMT
expires
Wed, 26 Jun 2024 07:57:44 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEMV
x-guploader-uploadid
ACJd0NpRUGme50hcQ5-ZzfhUYuOxKhNXF6baQ9AaaBb53IPfs4lYXB8cPnnAJFvQMIVaqiB-gaw
favicon.png
www.privateinternetaccess.com/offer/
644 B
923 B
Other
General
Full URL
https://www.privateinternetaccess.com/offer/favicon.png?v2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742346452526571fed80963abd99da7cf380807f25ae2a2a561fae0895cd1c20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
2896458
cf-polished
origFmt=png, origSize=1105
content-disposition
inline; filename="favicon.webp"
alt-svc
h3=":443"; ma=86400
content-length
644
cf-bgj
imgq:85,h2pri
last-modified
Thu, 16 May 2024 09:19:55 GMT
server
cloudflare
etag
W/"451-18f80b37278"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
899ba5f17981aca9-TXL
1px.png
app.usercentrics.eu/session/
489 B
1013 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=MPjVzXNil
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:41:40 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
964
x-guploader-uploadid
ACJd0Npa9JzqIjmoz4Q9aC1Wr9xTjdaOC8dVTbxROstAq2wbTTBZF8deYxp8AhWJfwL9o_InTw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Wed, 26 Jun 2024 08:11:40 GMT
en
aggregator.service.usercentrics.eu/aggregate/
43 KB
7 KB
Fetch
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=8eIqa_sKr@8.1.1,BJ59EidsWQ@25.7.28,H1Vl5NidjWX@40.17.44,HkF9Eo_jbX@10.2.5,HkIVcNiuoZX@6.3.4,HkocEodjb7@52.11.41,S1_9Vsuj-Q@15.7.22,Sy7BcNo_ib7@4.2.4,UZNkucjJ7sFTDD@1.0.4,ZvGdwtkk1x3HFI@1.1.2,ry3w9Vo_oZ7@7.5.6
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cec03fbf54a8d669bc8ce7b5e55837c46ca6198d634a6e192f1842b59d40123a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 10 Jun 2024 07:54:22 GMT
content-encoding
br
via
1.1 google
server
Google Frontend
age
1382603
etag
"1jx4qhl"
vary
Accept-Encoding, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6658
en
aggregator.service.usercentrics.eu/aggregate/ Frame
0
0
Preflight
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=8eIqa_sKr@8.1.1,BJ59EidsWQ@25.7.28,H1Vl5NidjWX@40.17.44,HkF9Eo_jbX@10.2.5,HkIVcNiuoZX@6.3.4,HkocEodjb7@52.11.41,S1_9Vsuj-Q@15.7.22,Sy7BcNo_ib7@4.2.4,UZNkucjJ7sFTDD@1.0.4,ZvGdwtkk1x3HFI@1.1.2,ry3w9Vo_oZ7@7.5.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.privateinternetaccess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 26 Jun 2024 07:57:44 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
8226aa7ce5887f4565abc4b4fcdd7212
translations-en.json
api.usercentrics.eu/translations/
7 KB
2 KB
Fetch
General
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f15c1f9422cc0dc350befed6b60fe1be6d5d0328107eb7de59612a7c5e9d70ab
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 26 Jun 2024 05:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
10185
x-client-geo-location
DE,DEMV
x-guploader-uploadid
ACJd0NplS3i-lbE0m1zSKUDiUyQJxlTtIG6ROTocHvTEB3PD8Wsd9nFBR26wL-uYKBzdLvQNUdX812eZ-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2384
last-modified
Thu, 06 Jun 2024 08:55:09 GMT
server
UploadServer
etag
"a0f233c9d1138af7de89e17b16a1f811"
vary
Accept-Encoding
x-goog-generation
1717664109592381
x-goog-hash
crc32c=6i8t0A==, md5=oPIzydETivfeieF7FqH4EQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2384
accept-ranges
bytes
content-type
application/json
expires
Thu, 27 Jun 2024 05:08:00 GMT
translations-en.json
api.usercentrics.eu/translations/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.privateinternetaccess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 07:57:45 GMT
expires
Wed, 26 Jun 2024 07:57:45 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEMV
x-guploader-uploadid
ACJd0Nrx8e1f_3sFKUITLAl6ntdpGSNhsy6rkxZeAYkn46QOZAbPrRXVJnLXlPLjKzVytTrWr2o
graphql
graphql.usercentrics.eu/
928 B
621 B
Fetch
General
Full URL
https://graphql.usercentrics.eu/graphql
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/ Express
Resource Hash
7b54e1f29ea7ef92f5946a707b4f8a4ec85152cf90760a852a68cad3889f0658
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Access-Control-Allow-Origin
*
Accept
application/json
Referer
X-Request-ID
c1398dc1-5aea-4db4-a4c0-12cd8afb3b5b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:45 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=7776000
x-powered-by
Express
etag
W/"3a0-9cT8WhH16IwX491hyq5ZuhNByGo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.usercentrics.js
s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/
48 KB
49 KB
Script
General
Full URL
https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/1.usercentrics.js
Requested by
Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/assets-cms.privateinternetaccess.com/js/cookie-consent/desktop/usercentrics.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.218.91.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3de1c513078590865ae651b17085f04884a4cf6228301465219b45a90072777e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:46 GMT
x-amz-version-id
FET_q6Bo0.Ff4HFCGmc_xRTRSrnmWcFz
Last-Modified
Wed, 19 Jun 2024 12:23:46 GMT
Server
AmazonS3
x-amz-request-id
JV8B06XM4M7ARVHE
ETag
"b2eb3a21c15f48b7df599d7684d98388"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
49541
x-amz-id-2
3Ai0qdZu50Vzk4ihay4yszKm8BwWigDntLNiXTwIWzH8QFru1ckQl1VUSUhOVLLg/bYUNsgDzHY=
graphql
graphql.usercentrics.eu/ Frame
0
0
Preflight
General
Full URL
https://graphql.usercentrics.eu/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://www.privateinternetaccess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 26 Jun 2024 07:57:45 GMT
strict-transport-security
max-age=7776000
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
elastic-post
www.privateinternetaccess.com/offer/
0
0
Fetch
General
Full URL
https://www.privateinternetaccess.com/offer/elastic-post
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jun 2024 07:57:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
server
cloudflare
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-download-options
noopen
cf-ray
899ba5f7bea5aca9-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
swiper.css
www.privateinternetaccess.com/offer/assets/styles/core/
13 KB
4 KB
Stylesheet
General
Full URL
https://www.privateinternetaccess.com/offer/assets/styles/core/swiper.css
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcfe496a5b7c920adac406084ed42f863908ed0db3fa0d6d219850a8ce14f54f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 19 Mar 2024 14:13:03 GMT
server
cloudflare
age
485223
cf-polished
origSize=13872
etag
W/"3630-18e570ef998"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
899ba5f7ff08aca9-TXL
alt-svc
h3=":443"; ma=86400
swiper.js
www.privateinternetaccess.com/offer/assets/scripts/core/carousel/
141 KB
38 KB
Script
General
Full URL
https://www.privateinternetaccess.com/offer/assets/scripts/core/carousel/swiper.js
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PIA
Resource Hash
e615c14354c18360a357120fee850734f18383fe49b6e303264e24cde3d7db93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
4720595
cf-polished
origSize=144275
x-powered-by
PIA
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 26 Oct 2023 07:44:39 GMT
server
cloudflare
etag
W/"23393-18b6af14658"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
SAMEORIGIN
cf-ray
899ba5f7ff0baca9-TXL
access-control-allow-headers
Content-Type, X-Requested-With
carousel-hp.js
www.privateinternetaccess.com/offer/assets/scripts/core/carousel/
378 B
544 B
Script
General
Full URL
https://www.privateinternetaccess.com/offer/assets/scripts/core/carousel/carousel-hp.js?v2
Requested by
Host: www.privateinternetaccess.com
URL: https://www.privateinternetaccess.com/offer/best?coupon=2Y2M&aff_click_id=10243016f64af26e0944522bdc6bb6&aff_sub=5246&noForceCondition=true&aff_id=22638&source=gen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PIA
Resource Hash
2d4922e970fe8a57922c7a0fa0f199f17336ff5d4a901814c2aa2fda47ae1e4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:57:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
4709505
cf-polished
origSize=683
x-powered-by
PIA
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 24 Nov 2023 08:31:03 GMT
server
cloudflare
etag
W/"2ab-18c00742d58"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
SAMEORIGIN
cf-ray
899ba5f87807aca9-TXL
access-control-allow-headers
Content-Type, X-Requested-With
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://www.privateinternetaccess.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
left-disabled.svg
s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/
1 KB
1 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/lplandmedia.supreme.tools/privateland/landing-pages/best/why-opt/left-disabled.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.20.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
65f04d2408c7061ed047965630557589970c17d1d93a8d0e733769e4bd62636e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.privateinternetaccess.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:57:46 GMT
x-amz-version-id
1bWp3aCJ.Ehv9Lb2R7qCJObOhgbn9hkP
Last-Modified
Mon, 17 Jun 2024 13:15:26 GMT
Server
AmazonS3
x-amz-request-id
JV832QD5ZR9HEQWT
ETag
"1023c84d7e9d8a64c9f4adf964e5687c"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1035
x-amz-id-2
G1SvDZJfD7RwI0bYCb2GL/8NX6pIHM+BS+NlKVaf1yoYLCryeVaTnLtIH/whceH/WoN/Gje0qaM=

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 undefined| event object| fence object| sharedStorage object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings function| gtag object| dataLayer string| ALOOMA_CUSTOM_LIB_URL object| alooma object| lazySizes function| aloomaSDKInit number| clickCounter object| AloomaSDK function| $ function| jQuery function| ouibounce string| campaignName boolean| eiDisplayed number| exit_timer boolean| zEACLoaded object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| webpackJsonp function| setImmediate function| clearImmediate function| __import__ number| uidEvent object| bootstrap object| __cfBeacon function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| Feedback object| CONFIG string| visitorType boolean| userLoggedIn string| pricingLink string| language function| Swiper

27 Cookies

Domain/Path Name / Value
www.disincorzu.com/ Name: uniqueClick_bncx479
Value: 0b28644d-6e5e-4d4d-a10b-7d859a648e74:1719388656
www.thrusteriu.com/ Name: uniqueClick_77G3B
Value: 24882483-147b-4ff8-9002-5e7ffadb79c3:1719388656
chameleonads.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZGUtREUsZGU7cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
.privateinternetaccess.com/ Name: di
Value: 2D93AD58-B116-08B0-042C-25151A9ECE56
.privateinternetaccess.com/ Name: media_source
Value: ia
.privateinternetaccess.com/ Name: initial_media_source
Value: ia
.privateinternetaccess.com/ Name: PIALP_lang
Value: en
.privateinternetaccess.com/ Name: _cfuvid
Value: emWKwdCeIVZhKZ4OXxfcmyETDa9W6WV622zIUnfQ_KU-1719388657891-0.0.1.1-604800000
www.thrusteriu.com/ Name: transaction_id
Value: 2fc83d2e63044d02b26ef71ab61d34aa|47c108b09d3440ac966ee71cbe9d9d17
chameleonads.go2cloud.org/ Name: enc_aff_session_6047
Value: ENC03a192bfdc387b022020adb1e48b4c14b06c355f9f9fca4b37b79770bb4d3501a9bd17bca8ad0b0e8c74e7df0ad254065c68f116efc02e01e69c9b6061e892cfed91f034ad3464f8a04d89677a10aedc9a4f226496a85175d511fdf5b6ed544dd0223c9a22c0dfa87a103d34562e84db60e1a24c707d98232b25eefe6ae8efe40e456ba6dfc9622f1ca3e5e22bd8e3a3f2fad887d7cc08f695932fff1f5deb68ad669ac615157411e2bba21a5f3b910dd7c28d1dfce369c87a122abaa30934ee074fc82a599126f062adb6d7bcf33fc4144051a17c6c8c1382871487ab3152992d3cfb48c2bf16565621ce1ce90f18d613602caf05646ba79bd6b84afab3af826607d9dc21
.privateinternetaccess.com/ Name: session
Value: 1
.privateinternetaccess.com/ Name: affiliate
Value: 22638
.privateinternetaccess.com/ Name: coupon
Value: 2Y2M
.privateinternetaccess.com/ Name: offer_id
Value: 1466
.privateinternetaccess.com/ Name: lp
Value: offer_best
.privateinternetaccess.com/ Name: assisting_media
Value: ia
.privateinternetaccess.com/ Name: experiment_name
Value: bstcntnt
.privateinternetaccess.com/ Name: variation_name
Value: variation_bstcntnt
.privateinternetaccess.com/ Name: mp_UHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3M
Value: _alooma=%7B%22distinct_id%22%3A%20%22190538ceb587b4-02a1397b87e8e6-26001f51-1d4c00-190538ceb5a6cc%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.cyberghostvpn.com/ Name: _cfuvid
Value: 2sjKWux47DnqdAMzKtVeDmHWsamffK4qkhuXnrWxzmo-1719388662627-0.0.1.1-604800000
.privateinternetaccess.com/ Name: _gid
Value: GA1.2.1899523549.1719388664
.privateinternetaccess.com/ Name: _gat_gtag_UA_26585402_1
Value: 1
.privateinternetaccess.com/ Name: _ga_CP12RMHK09
Value: GS1.1.1719388663.1.0.1719388663.60.0.0
.privateinternetaccess.com/ Name: _ga
Value: GA1.1.921804540.1719388664
.privateinternetaccess.com/ Name: pia_pp
Value: offer_best
.privateinternetaccess.com/ Name: scroll_depth_prev_page
Value: 0
.privateinternetaccess.com/ Name: cf_clearance
Value: z87MXVkJ_2haZT6xgFcu6J1JXdLXkPR7yrlVOdfn7Zs-1719388664-1.0.1.1-QJ7d8EixE1q4y3q16RkM4e7JiyN9YL0nCOqeOZTm6kY7sJzsT9vaBnh0DO4LKSBRNz8pLV3FoRlMYN4ibYim0g

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aggregator.service.usercentrics.eu
api.usercentrics.eu
app.usercentrics.eu
assets-cms.privateinternetaccess.com
assets.cyberghostvpn.com
cdnjs.cloudflare.com
chameleonads.go2cloud.org
code.jquery.com
ekr.zdassets.com
graphql.usercentrics.eu
kapetracking.com
lplandmedia.supreme.tools
piavpnsupport.zendesk.com
region1.analytics.google.com
s3-eu-west-1.amazonaws.com
s3.eu-west-1.amazonaws.com
static.cloudflareinsights.com
static.zdassets.com
stats.g.doubleclick.net
www.disincorzu.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.privateinternetaccess.com
www.thrusteriu.com
104.16.53.111
104.17.24.14
104.18.36.183
104.18.70.113
104.18.72.113
104.20.0.14
142.250.185.67
172.64.154.65
2001:4860:4802:34::36
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2606:4700:10::6814:10e
2606:4700::6810:4f49
2a00:1450:4001:80e::2008
2a00:1450:4001:81d::200e
2a00:1450:400c:c06::9c
2a04:4e42:400::649
34.107.201.120
34.96.118.183
35.241.3.184
45.55.107.35
52.210.2.133
52.218.91.83
52.92.20.224
0042b39f17016ced3c706b3239483b7b2350efc5c8b9aaf93422ff1f3f40cd0a
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
014ab280f59a0828d8a39a1b3841fd99837d93ba04661ae984d2bab54f1df9f6
0240cacc7fa47d24b290671b3ef6f1b8d1909d1ac80755cc77fc619b2bf38b99
098113b914f3058accc533c345af25d1fafd1401a6942e990674d48632b32f7f
0fd967164524ebe8c0ffd96573d9b80c4f4e7674fd9e28edbfc01e9af1752f96
13b98404da01b3ec2e6326ff7f18b2e047270e54a2f4dde9f7bfe328bcc20d34
16f8dd6a39fbabc9e4d3ce898c7a23eae961924e23a30a758545a96b8a9bac9a
218dc51539d7473febec6a9bf99efb2beeda7df0e35dfc681f2739da2c1a2f97
268f1c5bb18b61db874b88fe3da448a3c55b412ca36ae6392b943ee6f59187c4
2d4922e970fe8a57922c7a0fa0f199f17336ff5d4a901814c2aa2fda47ae1e4b
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
358fe265580661382266638d2e3eed6f32b83742bcbc109e7502ea165eb09a76
3de1c513078590865ae651b17085f04884a4cf6228301465219b45a90072777e
3f0c3501e9f7905c7593e9494d8afe6a9f33b10cbfa644937aae928f818c0080
42b6f48f6b25bd59a2eb5b418227ddf88bd2379329dabcb290190b6565301a73
499fc24435679a5a62b9210e707a9ec2f5e2c5acad584ebb67565db53110fd87
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
4f23c671e5a88e26fc666a274e43def2b2dca1acb2160f3a6321d43ca62a3049
56194caa48d3aa7345768f3c14d6aafe85ef568be6370128c80187313a874d59
596a2f0882e4232f5661dc89dda825c56a40ef24b2218706582318844185c19a
5a91ae3a91862459209c0bf4556c01858a6b1d9e1c277d34581f63eaf675fc08
65f04d2408c7061ed047965630557589970c17d1d93a8d0e733769e4bd62636e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8e93f69ae6fca1b4c604b45881695f92187f378579859fdf86f4cf694ef483
701914ca1420ee606163469259dda514df62ad5d849a8a95a805320f70bbbfab
727918fe9e44ae0590e35f88e52707bbd58f2c957316220337fb023282b41bf4
73a7577ead6f012f5bc244f813047f81b238e9c504b122eda4df5d3121b5ee2c
742346452526571fed80963abd99da7cf380807f25ae2a2a561fae0895cd1c20
7b54e1f29ea7ef92f5946a707b4f8a4ec85152cf90760a852a68cad3889f0658
7ba7f0b86ddfca1d83fb4297256bca0c37de06273b2ff54ddd0974485525ae38
7e5c036f7618b33fdf3515463d35c4767a03c31e31f2fb8c6db40bb753248359
7fdef46dc1bc1603e4569a5095199090523e7235f42abb44b55316576684cf8e
8363aa35fa4e039e1a1cc71217d5136f4153bba974d1fca4bd2d742d990347d8
896c08e4b8cba9335b9ccce3a76a954b0ccc579004ee0067df717e7d948f9ba6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d0def1f616c8bdd2786cc25c33c01af2b6fb094160ad40fa3f18554e8e0b4e7
8f27c2a51f4f713efda3881de03697fdce7a5022874d94d5256e106e0322d598
8fb92dda108173f231da629cb244f327692909bd3d10987c52c09b9486d73272
9596c49497f1d334c467fa9d6bde8f2aa3e05f72ae6aeec4db7b6c45704889da
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9c65ae055ca38279199860272550858f891db0fa22c3e47b42878e94f524dfa3
9eb41151162df45fc4165fb69da9fb64e506fbd8f28c897e07aacecf884d711b
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4b8429cf8c9e11446088d5a8034ad674f4cd682fda9885c20c967d35f1d3b8c
a67cdab40c4c4ff5be8549973179ef60b90bd7f06c4a3f92caf7ccb89ed9e82a
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
b781c2eea0df1426f304c0ac1eca5107ffaaf91a3c42012d4bc7ce296aa7cf02
b83588d8211aa8da1fb2f993db71e28b5e39e6772def78dd1c805e76298234f1
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
b93ebffdf1ec1c10723e77fd4d97e4a93a2cfcdd662c9697fce0884d49325a93
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
c131aef25f72113f069c5266fd8498b939cc30a8af151afbfd791b4083c7188c
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c29c30f05a67a3c5528f5e1c1ac9531f34485ef08b8f8453c56dafa456009f09
c88bdc49299d48676034acabc44f507d820f15bf330fb278328ef2b3edda4123
ce16310c8616d66f1a2586412979b73d1aa7c958fdf64db840b45c426fa4023f
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cec03fbf54a8d669bc8ce7b5e55837c46ca6198d634a6e192f1842b59d40123a
cf8ae6e584e047445f5c419d09c59d3fbcc59ae70385860daacc5fd711717773
d2533c8e2ab843fab73ebf949f41959aa93a9376019e8d9ec57fb79fdcfdd980
d481ab28534bc2f72a31f951bf67e9cef033d8c8f7c7b06cc26950eef73a9644
db219730986ff45549d559e07e288255362f98a800109d439dbc25e70f6cea15
ddac080d809de7b1c2155d049ddb61669d094b0dd9e430a88a3f5f3e20462e89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3442982a2802fbd2ff9af5791efaaed5e7547e92d8b7c8a87a548af5e7b646
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e581ec32162a0e6901452d088502555c47fa6ee1ecde8649e6f19a4d16672538
e615c14354c18360a357120fee850734f18383fe49b6e303264e24cde3d7db93
ec4b3914b698cfda4274f07db9663ce172e088d0a4fee1bcc2c46304ae630d1f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f157f29e105984cdb1f06c2cee12168394848700ccc7d01283b0bcb0001beb08
f15c1f9422cc0dc350befed6b60fe1be6d5d0328107eb7de59612a7c5e9d70ab
f323ccf7437face1661afb3763b673906b3ce06c03bc7973a0e86742b289ac19
fcb2668cfa4cb00b60b8aa603581d9cfedd16717799d73dcf45ca25b69ae4d96
fcfe496a5b7c920adac406084ed42f863908ed0db3fa0d6d219850a8ce14f54f