tails.com Open in urlscan Pro
2606:4700:10::6816:3083 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.mail.tails.com/u/nrd.php?p=Kp0iNSDKFs_1632_104863_1_15&ems_l=140028&i=1&d=LmVKd1Z5VnNLZ0NBUVJ1Rzl6TE9CRVFTNUdaS...
Effective URL:
https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4T...
Submission: On May 29 via api (May 29th 2021, 9:17:03 am UTC) from BE

Summary HTTP 63 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 21 domains to perform 63 HTTP transactions. The main IP is 2606:4700:10::6816:3083, located in United States and belongs to CLOUDFLARENET, US. The main domain is tails.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.

This is the only time tails.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	217.175.192.51 217.175.192.51	199236 (EMARSYS-A...) (EMARSYS-AS Emarsys eMarketing Systems AG)
1 15	2606:4700:10:... 2606:4700:10::6816:3083	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.25.27 52.218.25.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ab24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.233.127 34.117.233.127	15169 (GOOGLE) (GOOGLE)
1	13.226.159.122 13.226.159.122	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	104.111.214.240 104.111.214.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.159.25 13.226.159.25	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	13.226.159.121 13.226.159.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	178.62.192.243 178.62.192.243	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	52.45.34.218 52.45.34.218	14618 (AMAZON-AES) (AMAZON-AES)
1	34.254.140.182 34.254.140.182	16509 (AMAZON-02) (AMAZON-02)
1	52.29.111.22 52.29.111.22	16509 (AMAZON-02) (AMAZON-02)
1	34.117.30.199 34.117.30.199	15169 (GOOGLE) (GOOGLE)
1	18.157.63.213 18.157.63.213	16509 (AMAZON-02) (AMAZON-02)
3	34.107.173.171 34.107.173.171	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2600:1901:0:2... 2600:1901:0:2bdd::	15169 (GOOGLE) (GOOGLE)
2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
63	32

1 217.175.192.51 (Austria)

ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT)

link.mail.tails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:3083 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.25.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ab24 (United States)

ASN13335 (CLOUDFLARENET, US)

o8y.tails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.233.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.233.117.34.bc.googleusercontent.com

services.postcodeanywhere.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-122.dus51.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-240.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o13887.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-25.dus51.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-121.dus51.r.cloudfront.net

static.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.192.243 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.34.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-34-218.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.140.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.111.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

recommender.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.30.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.30.117.34.bc.googleusercontent.com

webchannel-content.eservice.emarsys.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.63.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

recommender-eu.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.173.171 (Kansas City, United States)

ASN15169 (GOOGLE, US)

consentag.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

assets.reflow.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:2bdd:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

insight.reflow.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tails.com 1 redirects link.mail.tails.com tails.com o8y.tails.com	647 KB
6	google-analytics.com www.google-analytics.com	20 KB
5	scarabresearch.com cdn.scarabresearch.com static.scarabresearch.com recommender.scarabresearch.com recommender-eu.scarabresearch.com	72 KB
5	iubenda.com cdn.iubenda.com www.iubenda.com hits-i.iubenda.com	73 KB
3	ctnsnet.com cdn.ctnsnet.com i.ctnsnet.com	6 KB
3	cloudflare.com cdnjs.cloudflare.com	39 KB
3	consentag.eu consentag.eu	10 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	99 KB
2	reflow.tv assets.reflow.tv insight.reflow.tv	8 KB
2	google.de www.google.de	569 B
2	google.com www.google.com	357 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	postcodeanywhere.co.uk services.postcodeanywhere.co.uk	27 KB
1	yahoo.com sp.analytics.yahoo.com	964 B
1	emarsys.net webchannel-content.eservice.emarsys.net	296 B
1	googleadservices.com www.googleadservices.com	14 KB
1	sentry.io o13887.ingest.sentry.io	280 B
1	googletagmanager.com www.googletagmanager.com	72 KB
1	trustpilot.com widget.trustpilot.com	7 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	23 KB
63	21

	Domain	Requested by
15	tails.com	1 redirects tails.com
6	www.google-analytics.com	www.googletagmanager.com tails.com
3	cdnjs.cloudflare.com	consentag.eu
3	consentag.eu	cdn.iubenda.com consentag.eu cdnjs.cloudflare.com
2	i.ctnsnet.com	tails.com assets.reflow.tv
2	errors.client.optimizely.com	tails.com
2	hits-i.iubenda.com	tails.com
2	www.google.de	tails.com
2	www.google.com	tails.com
2	static.scarabresearch.com	cdn.scarabresearch.com
2	cdn.iubenda.com	tails.com cdn.iubenda.com
2	services.postcodeanywhere.co.uk	tails.com
1	sp.analytics.yahoo.com	tails.com
1	insight.reflow.tv	tails.com
1	cdn.ctnsnet.com	consentag.eu
1	assets.reflow.tv	consentag.eu
1	recommender-eu.scarabresearch.com	tails.com
1	webchannel-content.eservice.emarsys.net	tails.com
1	recommender.scarabresearch.com	tails.com
1	rum-collector-2.pingdom.net	tails.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	tails.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.scarabresearch.com	cdn.iubenda.com
1	www.iubenda.com	cdn.iubenda.com
1	o13887.ingest.sentry.io	tails.com
1	www.googletagmanager.com	tails.com
1	rum-static.pingdom.net	tails.com
1	cdn.optimizely.com	o8y.tails.com
1	widget.trustpilot.com	tails.com
1	o8y.tails.com	tails.com
1	s3-eu-west-1.amazonaws.com	tails.com
1	link.mail.tails.com
63	33

This site contains links to these domains. Also see Links.

Domain
help.tails.com
www.iubenda.com
de.trustpilot.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
link.mail.tails.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
o8y.tails.com Cloudflare Inc ECC CA-3	`2020-08-24` - `2021-08-24`	a year	crt.sh
*.postcodeanywhere.co.uk Sectigo RSA Domain Validation Secure Server CA	`2021-02-01` - `2022-02-01`	a year	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.pingdom.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.iubenda.com DigiCert SHA2 Secure Server CA	`2021-03-26` - `2022-03-31`	a year	crt.sh
*.ingest.sentry.io R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.scarabresearch.com Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-31` - `2022-01-30`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh
webchannel-content.gservice.emarsys.net R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
consentag.eu DigiCert SHA2 Secure Server CA	`2019-07-01` - `2021-07-08`	2 years	crt.sh
*.reflow.tv GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-29` - `2022-03-01`	a year	crt.sh
www.cdn77.com R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2020-10-16` - `2021-11-16`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Frame ID: 3CC45C2F0C78B8A6311229F24852E5A5
Requests: 54 HTTP requests in this frame

Frame: https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: F763D6B316E686A6E5141AB852FB3289
Requests: 5 HTTP requests in this frame

Frame: https://i.ctnsnet.com/int/integration?pixel=65425711&nid=304041&cont=s&eventType=pageView&pageType=other&countryCode=&advertiserUserId=&_ssluid=a3982a4f-4ccc-4567-afd4-75ced9e12477&_sslreqid=86191161-4c64-4ce4-a5f2-5e7e9347b506&loc=https%3a%2f%2ftails.com%2fde%2fsettings%2fcommunication-preferences%3foosl%3d.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3demail_104863%26sc_lid%3d5992099%26sc_uid%3dKp0iNSDKFs%26sc_llid%3d1632%26sc_eh%3d949c01bcba3824031&ref=https%3a%2f%2flink.mail.tails.com%2f&caid=31859af84a7f49e690a4c945b84b700b&cst=true&gdpr_consent=
Frame ID: 21B703B92CAD1E1760E90C2054F40736
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.mail.tails.com/u/nrd.php?p=Kp0iNSDKFs_1632_104863_1_15&ems_l=140028&i=1&d=LmVKd1Z5VnNLZ0NBU... Page URL
https://tails.com/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxct... HTTP 302
https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQd... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

63
Requests

100 %
HTTPS

44 %
IPv6

21
Domains

33
Subdomains

32
IPs

8
Countries

1126 kB
Transfer

4769 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://help.tails.com/hc/de/
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/81942693/cookie-policy
Title: Cookie-Richtlinie

Search URL Search Domain Scan URL

URL: https://de.trustpilot.com/review/tails.com
Title: Trustpilot

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tailsde/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tails.com_de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.mail.tails.com/u/nrd.php?p=Kp0iNSDKFs_1632_104863_1_15&ems_l=140028&i=1&d=LmVKd1Z5VnNLZ0NBUVJ1Rzl6TE9CRVFTNUdaSHBsd1FkeGN0RFJIdlA0THg4bklkNHRKNFRxZzBubVdQWHE1NXRpdHpvbDIzZ0hyS1FJYzRwRFFuc2ZpLWx3cU5DR0kwVUJabTNSSFRZTFBFbTQxMXNlRF9IRmlFSS5FNGxrc3cuaTRmaWJXMDZKdUNvZWxCRlVuX3pZTEtjakRF%7CNTk5MjA5OQ==%7CS3AwaU5TREtGcw==%7COTQ5YzAxYmNiYTM4MjQwMzE=%7C&_esuh=_7_b289f904c35fc6b7f1c2f22354d374667cdf6050588caf3d42e0af952400fc27 Page URL
https://tails.com/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031 HTTP 302
https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK nrd.php Show response
link.mail.tails.com/u/ 1 KB
926 B 249ms
192ms Document
text/html 217.175.192.51
EMARSYS-AS Emarsy...

General

Check archive.org

Show headers Download Go to

Full URL

https://link.mail.tails.com/u/nrd.php?p=Kp0iNSDKFs_1632_104863_1_15&ems_l=140028&i=1&d=LmVKd1Z5VnNLZ0NBUVJ1Rzl6TE9CRVFTNUdaSHBsd1FkeGN0RFJIdlA0THg4bklkNHRKNFRxZzBubVdQWHE1NXRpdHpvbDIzZ0hyS1FJYzRwRFFuc2ZpLWx3cU5DR0kwVUJabTNSSFRZTFBFbTQxMXNlRF9IRmlFSS5FNGxrc3cuaTRmaWJXMDZKdUNvZWxCRlVuX3pZTEtjakRF%7CNTk5MjA5OQ==%7CS3AwaU5TREtGcw==%7COTQ5YzAxYmNiYTM4MjQwMzE=%7C&_esuh=_7_b289f904c35fc6b7f1c2f22354d374667cdf6050588caf3d42e0af952400fc27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.175.192.51 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),

Reverse DNS

Software

Apache /

Resource Hash

6aee104ee9726dbd3364a148683c1ef0d5f9204c21c41605b2e418d948e4fe01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: link.mail.tails.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:44 GMT
server: Apache
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
content-encoding: gzip
x-af: suite45-web1
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 548
content-type: text/html; charset=utf-8
x-hf: suite-haproxy01c

GET
H3-29

200

Primary Request communication-preferences Show response
tails.com/de/settings/
Redirect Chain

https://tails.com/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06Ju...
https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW0...

26 KB
6 KB

374ms
364ms

Document
text/html

2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a3116c62d691fe4ebf0f26c7070eeeb76fcfd5c35e1b1734c2b3a767cf0b1c

Request headers

:method: GET
:authority: tails.com
:scheme: https
:path: /de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://link.mail.tails.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: session=994d6ce2a15654fa_60b2067c.Ez__7yJmpArcX4bS1MvzTEVqvuU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://link.mail.tails.com/u/nrd.php?p=Kp0iNSDKFs_1632_104863_1_15&ems_l=140028&i=1&d=LmVKd1Z5VnNLZ0NBUVJ1Rzl6TE9CRVFTNUdaSHBsd1FkeGN0RFJIdlA0THg4bklkNHRKNFRxZzBubVdQWHE1NXRpdHpvbDIzZ0hyS1FJYzRwRFFuc2ZpLWx3cU5DR0kwVUJabTNSSFRZTFBFbTQxMXNlRF9IRmlFSS5FNGxrc3cuaTRmaWJXMDZKdUNvZWxCRlVuX3pZTEtjakRF%7CNTk5MjA5OQ==%7CS3AwaU5TREtGcw==%7COTQ5YzAxYmNiYTM4MjQwMzE=%7C&_esuh=_7_b289f904c35fc6b7f1c2f22354d374667cdf6050588caf3d42e0af952400fc27

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, no-cache
access-control-allow-origin: *
set-cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; Expires=Sun, 29-May-2022 09:16:45 GMT; Path=/ session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38; Secure; HttpOnly; Path=/
cf-cache-status: BYPASS
cf-request-id: 0a59026fa100004e74402f9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 656ea02c3c8c4e74-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 29 May 2021 09:16:44 GMT
content-type: text/html; charset=utf-8
content-length: 827
location: /de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
cache-control: max-age=0, private, no-cache
access-control-allow-origin: *
set-cookie: session=994d6ce2a15654fa_60b2067c.Ez__7yJmpArcX4bS1MvzTEVqvuU; Secure; HttpOnly; Path=/
cf-cache-status: BYPASS
cf-request-id: 0a59026f1000000ea7c48f7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 656ea02b4fdb0ea7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK datalayer-1.0.0.min.js Show response
s3-eu-west-1.amazonaws.com/static.tails.com/datalayer/prod/ 108 KB
23 KB 141ms
53ms Script
application/javascript 52.218.25.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/static.tails.com/datalayer/prod/datalayer-1.0.0.min.js
Requested by: Host: tails.com
URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.25.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7682dde32db50ed8ff2f595e4c86d9a4c1767eb663a51ae59f31ed4974bdc585

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 09:16:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Aug 2019 17:07:39 GMT
Server: AmazonS3
x-amz-request-id: WS41CJ8HV67XCXJP
ETag: "447266994bde2cec139b39f000e77ee5"
Content-Type: application/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 23562
x-amz-id-2: d1eJLrh+h6GMiJFpyQjIC6c7HaltSUdZVsqV5LDl+ZkhgFnPnuI7EaIzvYmePsUepud4LkFez/w=

GET
H2 200 18649652273 Show response
o8y.tails.com/edge-client/v1/18131751344/ 29 KB
10 KB 366ms
344ms Script
application/javascript 2606:4700::6811:ab24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://o8y.tails.com/edge-client/v1/18131751344/18649652273
Requested by: Host: tails.com
URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03ee0bc4df68cdf71de26d7e26770991f53c3178ea06ee97ca55cf4b9b0f614

Request headers

Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 656ea02eaaf3dfff-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5902712a0000dfff85037000000001

GET
H3-29 200 main.bebb776b067cf2b31019.css
tails.com/1.0/css/ 2 MB
135 KB 30ms
30ms Stylesheet
text/css 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/1.0/css/main.bebb776b067cf2b31019.css

Requested by

Host: tails.com
URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7a5af2a351f684a05994714f8e9c7fb24dbcf785b790531fb333d15ce2cdde8

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /1.0/css/main.bebb776b067cf2b31019.css
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 176088
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 27 May 2021 08:14:43 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60af54f3-25dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a5902711300004e7427058000000001
cf-ray: 656ea02e8a194e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 address-3.70.css
services.postcodeanywhere.co.uk/css/ 11 KB
2 KB 29ms
11ms Stylesheet
text/css 34.117.233.127
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://services.postcodeanywhere.co.uk/css/address-3.70.css
Requested by: Host: tails.com
URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.233.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 127.233.117.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8ed3a91653237bec9b0b48f7fc1fce4bbc8e42b014d4f335d5d440085c8a1163

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:09 GMT
via: 1.1 google
server: nginx/1.14.0 (Ubuntu)
age: 36
content-type: text/css;charset=UTF-8
content-encoding: gzip
cache-control: public, max-age=60
x-robots-tag: noindex
alt-svc: clear
content-length: 2173

GET
H3-29 200 logo-tm.svg
tails.com/static/images/svgs/logos/ 8 KB
4 KB 30ms
30ms Image
image/svg+xml 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/static/images/svgs/logos/logo-tm.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0264d9ad44f32f05534a6ba89ef11366da56f7c1a3ecfb91e01df2daf1b0471b

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/svgs/logos/logo-tm.svg
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3589408
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"604651d0-1e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a5902728400004e74ed289000000001
cf-ray: 656ea030df954e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 DE-square.png
tails.com/static/images/country-flags/ 1 KB
2 KB 33ms
32ms Image
image/png 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tails.com/static/images/country-flags/DE-square.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7768acb9e3c519c18df75980e946776618591d8ab624775b56cbba28bef9dc9b

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /static/images/country-flags/DE-square.png
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38; optimizelyEndUserId=oeu1622279805427r0.7800654228222703
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3554635
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1308
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:20 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651d0-51c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a590272b000004e745319b000000001
accept-ranges: bytes
cf-ray: 656ea03118054e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 vendor.6b1a29106ebe70a75998.js Show response
tails.com/1.0/js/ 426 KB
135 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/1.0/js/vendor.6b1a29106ebe70a75998.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d62719a8762564c255f8c8783a446c61914b926f21a29eac5d10179b283945

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /1.0/js/vendor.6b1a29106ebe70a75998.js
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2856318
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 26 Apr 2021 07:41:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60866ebd-22fba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a590271b800004e740787a000000001
cf-ray: 656ea02f8c854e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 main.c7f0b97826d606b34bcf.js Show response
tails.com/1.0/js/ 242 KB
57 KB 32ms
32ms Script
application/javascript 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/1.0/js/main.c7f0b97826d606b34bcf.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a388fe1a760fe946a2e876571854996913023a299244ec7e32edfbf4546010

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /1.0/js/main.c7f0b97826d606b34bcf.js
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1032350
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 17 May 2021 10:23:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60a24430-f2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a590271ec00004e7429b89000000001
cf-ray: 656ea02fed3f4e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 vendor.37f6a03aca0a4b60e8aa.js Show response
tails.com/discovery/js/ 295 KB
79 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c75b9bf203d89747c90df796c9cb689f3b8547d54688b5eb93d838b7a3bf8f3

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/js/vendor.37f6a03aca0a4b60e8aa.js
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 168528
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 27 May 2021 10:25:30 GMT
server: cloudflare
etag: W/"60af739a-14e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 0a5902721300004e74500fa000000001
cf-ray: 656ea0301dd74e74-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 main.37f6a03aca0a4b60e8aa.js Show response
tails.com/discovery/js/ 32 KB
10 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/discovery/js/main.37f6a03aca0a4b60e8aa.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c394bb383709abdef8ecd28b74369fcd3af71c672b1fc3bc6c93c8a6e5ccd6

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /discovery/js/main.37f6a03aca0a4b60e8aa.js
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 168534
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 27 May 2021 10:25:30 GMT
server: cloudflare
etag: W/"60af739a-26fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'self'
cf-request-id: 0a5902726000004e74f2b39000000001
cf-ray: 656ea0309efd4e74-FRA
link: </static/fonts/Montserrat/montserrat-regular.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-semibold.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/Montserrat/montserrat-light.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous </static/fonts/JeffScript/jeffscript.woff2>; as=font; rel=preload; type=font/woff2; crossorigin=anonymous
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 49ms
15ms Script
application/x-javascript 13.226.159.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-122.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

497686ff9f639ad2f229371c721f48c11823bd1c81d76cbfbdecd1ad68279cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 7725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Sat, 29 May 2021 07:08:01 GMT
content-length: 6857
x-xss-protection: 1; mode=block
last-modified: Mon, 10 May 2021 07:07:39 GMT
server: AmazonS3
etag: "c49c54cd9fab85665a9fb17dc4221423"
content-type: application/x-javascript
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: iPGI3YpS5dcrO5klNBRhkGMx6XwjkXR_lCcijvEZZEyLrosUNuRr1Q==

GET
H2 200 address-3.70.min.js Show response
services.postcodeanywhere.co.uk/js/ 88 KB
25 KB 8ms
8ms Script
text/javascript 34.117.233.127
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://services.postcodeanywhere.co.uk/js/address-3.70.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.233.127 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

127.233.117.34.bc.googleusercontent.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

1dff8401cfad8003b79df3d241b98af256a7a0c9e4316e4a03720013f46d398c

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:15:59 GMT
via: 1.1 google
server: nginx/1.14.0 (Ubuntu)
age: 46
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: public, max-age=60
x-robots-tag: noindex
alt-svc: clear
content-length: 25125
x-xss-protection: 1

GET
H3-29 200 montserrat-regular.woff2
tails.com/static/fonts/Montserrat/ 13 KB
14 KB 30ms
29ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/Montserrat/montserrat-regular.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
:path: /static/fonts/Montserrat/montserrat-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3589409
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:19 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651cf-358c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a5902723c00004e74278b2000000001
accept-ranges: bytes
cf-ray: 656ea0306e754e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 montserrat-semibold.woff2
tails.com/static/fonts/Montserrat/ 13 KB
14 KB 30ms
29ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/Montserrat/montserrat-semibold.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
:path: /static/fonts/Montserrat/montserrat-semibold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3977656
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13464
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:19 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651cf-3498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a5902723d00004e741c032000000001
accept-ranges: bytes
cf-ray: 656ea0306e774e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 montserrat-light.woff2
tails.com/static/fonts/Montserrat/ 13 KB
14 KB 35ms
34ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/Montserrat/montserrat-light.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
:path: /static/fonts/Montserrat/montserrat-light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3124944
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13560
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 22 Apr 2021 17:42:09 GMT
server: cloudflare
x-frame-options: DENY
etag: "6081b571-34f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a5902723d00004e7414320000000001
accept-ranges: bytes
cf-ray: 656ea0306e7a4e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 jeffscript.woff2
tails.com/static/fonts/JeffScript/ 98 KB
99 KB 23ms
22ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/JeffScript/jeffscript.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca23773dd4bf46922200e40b31cbedf7d237f19b320309f32e8e62f87086f420

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
:path: /static/fonts/JeffScript/jeffscript.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3124944
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100588
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 22 Apr 2021 17:42:10 GMT
server: cloudflare
x-frame-options: DENY
etag: "6081b572-188ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a5902723d00004e74e00cc000000001
accept-ranges: bytes
cf-ray: 656ea0306e7b4e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2805_d1b7090243fe861d17764cdce54e2896754778c9d479bdee6137067c5ec47b53_edge_helper.js Show response
cdn.optimizely.com/public/18131751344/18649652273/ 374 KB
99 KB 27ms
7ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/18131751344/18649652273/2805_d1b7090243fe861d17764cdce54e2896754778c9d479bdee6137067c5ec47b53_edge_helper.js

Requested by

Host: o8y.tails.com
URL: https://o8y.tails.com/edge-client/v1/18131751344/18649652273

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d1b7090243fe861d17764cdce54e2896754778c9d479bdee6137067c5ec47b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: U2lq6EtaRU0zO1Il7KdKByiretBhi4AQ
content-encoding: gzip
etag: "3fb64830fd1a6caaa8400fd9025778ac"
x-amz-request-id: YMH030B9NRBEVW2V
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2805
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 100674
x-amz-id-2: 9tqnu7euX19sqTjSTNErvMvnT1dNIZcOFEfOTys17LhHgOB/WenoIrM+5Bth4W5a3uIdNyUMFM4=
last-modified: Fri, 28 May 2021 15:26:17 GMT
server: AmazonS3
date: Sat, 29 May 2021 09:16:45 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 39ms
18ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: tails.com
URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 4376
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 656ea03139784e07-FRA
cf-request-id: 0a590272c300004e0723b2a000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 380 KB
72 KB 35ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79da9921ec327d511385505cec2e6619f26fd6484349ead391e7129b7ba231a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73467
x-xss-protection: 0
last-modified: Sat, 29 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 May 2021 09:16:45 GMT

GET
H3-29 200 tails-icons.woff2
tails.com/static/fonts/tails-icons/ 48 KB
49 KB 20ms
20ms Font
font/woff2 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tails.com/static/fonts/tails-icons/tails-icons.woff2?4a883c

Requested by

Host: tails.com
URL: https://tails.com/1.0/css/main.bebb776b067cf2b31019.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75125e19525c550e582dc4b888e8afa085db3479bfdab35c42955720cd751695

Security Headers

Name	Value
Content-Security-Policy	manifest-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tails.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38; optimizelyEndUserId=oeu1622279805427r0.7800654228222703
:path: /static/fonts/tails-icons/tails-icons.woff2?4a883c
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tails.com
referer: https://tails.com/1.0/css/main.bebb776b067cf2b31019.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tails.com
Referer: https://tails.com/1.0/css/main.bebb776b067cf2b31019.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3340444
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49612
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 08 Mar 2021 16:33:20 GMT
server: cloudflare
x-frame-options: DENY
etag: "604651d0-c1cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
content-security-policy: manifest-src 'none'; frame-ancestors 'none'
cf-request-id: 0a590272c200004e74e205f000000001
accept-ranges: bytes
cf-ray: 656ea03138464e74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 451 B
605 B 59ms
20ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/main.37f6a03aca0a4b60e8aa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd0d7cee23a4d08e20b34618a04b6b5dbd9df489bb630c218e22ba2b319e41a7

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 16:40:44 GMT
etag: "60afcb8c-14f"
vary: Accept-Encoding
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 335
expires: Sat, 29 May 2021 12:16:45 GMT

POST
H2 200 / Show response
o13887.ingest.sentry.io/api/104235/store/ 41 B
280 B 28ms
9ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o13887.ingest.sentry.io/api/104235/store/?sentry_key=eb830eba39d24851ab3f3d29373051b2&sentry_version=7

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

739545028ec84ff1a2a8489e27058ec23dec426439564ad31f2708f4c25a91ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://tails.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2993
date: Sat, 29 May 2021 08:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 29 May 2021 10:26:52 GMT

GET
H2 200 core-de.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/ 294 KB
71 KB 19ms
19ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-de.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: faeb6f447decbc66c748b9f4a3ad69fa3a08a63a6b3e789dcd53c6aad32785a1

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 16:40:43 GMT
etag: "60afcb8b-11ad8"
vary: Accept-Encoding
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 72408
expires: Sun, 29 May 2022 09:16:45 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1628441787&t=pageview&_s=1&dl=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&dr=https%3A%2F%2Flink.mail.tails.com%2F&ul=en-us&de=UTF-8&dt=tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGAAgAAB~&cid=1164903024.1622279806&tid=UA-52363535-1&_gid=2043214717.1622279806&gtm=2wg5q15ZNT7J&gcs=G100&cg1=%2Fde%2Fsettings%2Fcommunication-preferences&z=499487562

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 01:27:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28183
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 81942693.js Show response
www.iubenda.com/cookie-solution/confs/js/ 94 B
458 B 20ms
18ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iubenda.com/cookie-solution/confs/js/81942693.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-de.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: daa6a02031289fb7fb3bbdabe83aecb152b236c81342322302609a7e42ed35e4

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
access-control-request-method: *
content-encoding: gzip
content-length: 92
last-modified: Mon, 24 May 2021 10:23:52 GMT
server: nginx
etag: "60ab7eb8-5e"
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sun, 30 May 2021 09:16:45 GMT

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/18CBED0E9A2E6FF9/ 105 KB
25 KB 48ms
17ms Script
application/javascript 13.226.159.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/18CBED0E9A2E6FF9/scarab-v2.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-de.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-25.dus51.r.cloudfront.net
Software: /
Resource Hash: c649b91d19952fac777c1928a0af893cbdb3bb5160b7ef48798997f4eca87933

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 08:57:06 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 4421
ETag: "7b1986724414ee451c2c8b1017cdb2d7--gzip"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=utf-8
Via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
Cache-Control: max-age=3600,public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Timing-Allow-Origin: *
X-Amz-Cf-Id: -Oj819EanzAs_pIW8V2P6uDQf1YPp3de4sIHW8TPxXWK4Px_nhKZLw==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1628441787&t=pageview&_s=1&dl=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&dr=https%3A%2F%2Flink.mail.tails.com%2F&ul=en-us&de=UTF-8&dt=tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GhAAEABAAAAAC~&jid=1068136954&gjid=1827798497&cid=1164903024.1622279806&tid=UA-52363535-1&_gid=695968506.1622279806&_r=1&gtm=2wg5q15ZNT7J&gcs=G111&gcu=1&z=1368581723

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tails.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 42ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZNT7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 4209742185836358702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 May 2021 09:16:45 GMT

GET
H3-29 404 logo-tm.svg
tails.com/de/settings/gc/tails.com/static/images/svgs/logos/ 19 KB
19 KB 276ms
276ms Image
text/html 2606:4700:10::6816:3083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tails.com/de/settings/gc/tails.com/static/images/svgs/logos/logo-tm.svg
Requested by: Host: tails.com
URL: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e216c710dd23fd455f7cbd731344a413949b8b07a5af2eb70e092ab598e841de

Request headers

:path: /de/settings/gc/tails.com/static/images/svgs/logos/logo-tm.svg
pragma: no-cache
cookie: remember_token=960100103|a859cd017df1d55b66bdbfb1be87495708d6936a; session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38; optimizelyEndUserId=oeu1622279805427r0.7800654228222703; discovery=665bb72d-ef71-48bb-9b5d-1ced51323ab5; _ga=GA1.2.1164903024.1622279806; _gid=GA1.2.695968506.1622279806; _gat_UA-52363535-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tails.com
referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tails.com/de/settings/communication-preferences?oosl=.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE&sc_src=email_104863&sc_lid=5992099&sc_uid=Kp0iNSDKFs&sc_llid=1632&sc_eh=949c01bcba3824031
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:46 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, no-cache
set-cookie: session=3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38; Expires=Sun, 29-May-2022 09:16:46 GMT; Secure; HttpOnly; Path=/
cf-ray: 656ea0330c704e74-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a590273e200004e743cbe5000000001

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 38ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-52363535-1&cid=1164903024.1622279806&jid=1068136954&gjid=1827798497&_gid=695968506.1622279806&_u=6GhAAEABAAAAAC~&z=2129053530

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 29 May 2021 09:16:45 GMT
content-type: text/plain
access-control-allow-origin: https://tails.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wploader.js Show response
static.scarabresearch.com/wpjs/ 31 KB
11 KB 48ms
15ms Script
application/javascript 13.226.159.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wploader.js?ts=2682
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/18CBED0E9A2E6FF9/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a8924a2e08a71add2ccf0daa228dbd4f0a0ae6e3e8af9bdc104b12cdb04b46a

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 18:15:04 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 12 Apr 2021 13:51:20 GMT
Server: AmazonS3
Age: 54103
ETag: W/"f9a6268aab50e09577db222186ac6c49"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: oymj697c1BsgxiyyxTlTOTCBBLNGBdWjurcb-hX9q5Lrn632M6pu2g==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966987607/ 3 KB
2 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966987607/?random=1622279805974&cv=9&fst=1622279805974&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&ref=https%3A%2F%2Flink.mail.tails.com%2F&tiba=tails.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6bdc140128c37753b82406c406d12cbee582f5598aa148e777c54862b43848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-52363535-1&cid=1164903024.1622279806&jid=1068136954&_u=6GhAAEABAAAAAC~&z=655293290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 38ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-52363535-1&cid=1164903024.1622279806&jid=1068136954&_u=6GhAAEABAAAAAC~&z=655293290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
395 B 69ms
68ms XHR
text/plain 178.62.192.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.192.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tails.com/
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 29 May 2021 09:16:46 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://tails.com
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: 973887d8-c05e-11eb-b26f-0242ac110002
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: 973887d8-c05e-11eb-b26f-0242ac110002

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 96ms
31ms Preflight
text/plain 178.62.192.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Server: 178.62.192.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://tails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 29 May 2021 09:16:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/966987607/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966987607/?random=1622279805974&cv=9&fst=1622278800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&frm=0&url=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&ref=https%3A%2F%2Flink.mail.tails.com%2F&tiba=tails.com&async=1&fmt=3&is_vtc=1&random=214379786&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/966987607/ 42 B
64 B 36ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966987607/?random=1622279805974&cv=9&fst=1622278800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&frm=0&url=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&ref=https%3A%2F%2Flink.mail.tails.com%2F&tiba=tails.com&async=1&fmt=3&is_vtc=1&random=214379786&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wpes6.js Show response
static.scarabresearch.com/wpjs/ 108 KB
35 KB 22ms
22ms Script
application/javascript 13.226.159.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2682
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/18CBED0E9A2E6FF9/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ebbfeb3598b6a9b356eb1518e07cc4719db079b20c5feaabf3a7c907d9c5c61

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 19:40:47 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 12 Apr 2021 13:51:22 GMT
Server: AmazonS3
Age: 48960
ETag: W/"a3ec89efc7be314d67a415a8cdbbf324"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: yWLHUwyz39LsCzwSpwnzveYEDmRz4IZAmDRKE_GFai1zYi567kvArw==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 402ms
100ms Preflight
text/plain 52.45.34.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.45.34.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-34-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://tails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://tails.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Sat, 29 May 2021 09:16:46 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
235 B 102ms
101ms XHR
text/plain 52.45.34.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.34.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-34-218.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://tails.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Sat, 29 May 2021 09:16:46 GMT
Content-Type: text/plain

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1628441787&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&dr=https%3A%2F%2Flink.mail.tails.com%2F&ul=en-us&de=UTF-8&dt=tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scrolling&ea=percentage&el=scrolled-10-percent&_u=6GjAAEABAAAAAC~&jid=&gjid=&cid=1164903024.1622279806&tid=UA-52363535-1&_gid=695968506.1622279806&gtm=2wg5q15ZNT7J&gcs=G111&z=1764607494

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 01:27:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1628441787&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&dr=https%3A%2F%2Flink.mail.tails.com%2F&ul=en-us&de=UTF-8&dt=tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scrolling&ea=percentage&el=scrolled-25-percent&_u=6GjAAEABAAAAAC~&jid=&gjid=&cid=1164903024.1622279806&tid=UA-52363535-1&_gid=695968506.1622279806&gtm=2wg5q15ZNT7J&gcs=G111&z=1874270153

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 01:27:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1628441787&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&dr=https%3A%2F%2Flink.mail.tails.com%2F&ul=en-us&de=UTF-8&dt=tails.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scrolling&ea=percentage&el=scrolled-50-percent&_u=6GjAAEABAAAAAC~&jid=&gjid=&cid=1164903024.1622279806&tid=UA-52363535-1&_gid=695968506.1622279806&gtm=2wg5q15ZNT7J&gcs=G111&z=831645388

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 01:27:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 126ms
31ms XHR
text/plain 34.254.140.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=53eb732eabe53dee5c66f4eb&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=1&nS=0&cS=151&cE=161&dLE=151&dLS=151&fS=150&hS=151&rE=150&rS=1&reS=161&resS=525&resE=526&uEE=-1&uES=-1&dL=528&dI=1065&dCLES=1065&dCLEE=1081&dC=1529&lES=1529&lEE=1534&s=nt&title=tails.com&path=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences&ref=https%3A%2F%2Flink.mail.tails.com%2F&sId=wsadnkoc&sST=1622279806&sIS=1&rV=0&v=1.4.1
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.140.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 29 May 2021 09:16:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK / Show response
recommender.scarabresearch.com/merchants/18CBED0E9A2E6FF9/ 89 B
639 B 59ms
15ms XHR
application/json 52.29.111.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/merchants/18CBED0E9A2E6FF9/?pv=1548615185&xp=1&cp=1&eh=949c01bcba3824031&ecid=104863&elid=5992099&ellid=1632&euid=Kp0iNSDKFs&prev_url=https%3A%2F%2Flink.mail.tails.com%2F
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.111.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: af437660032ce851fd6f7e3096daf1508235f1595cf7cac97ca82f18370e0be6

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 09:16:46 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Vary: Accept-Encoding, User-Agent
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://tails.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 89
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 campaigns Show response
webchannel-content.eservice.emarsys.net/customer/873590635/ 10 B
296 B 43ms
19ms XHR
application/json 34.117.30.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://webchannel-content.eservice.emarsys.net/customer/873590635/campaigns?url=https:%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&prev_url=https:%2F%2Flink.mail.tails.com%2F&lang=de&uli=true&eh=949c01bcba3824031

Requested by

Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.30.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.30.117.34.bc.googleusercontent.com

Software

nginx/1.19.8 /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:46 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: clear
server: nginx/1.19.8
x-frame-options: DENY
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK / Show response
recommender-eu.scarabresearch.com/merchants/16361422FBEB0548/ 208 B
759 B 63ms
17ms XHR
application/json 18.157.63.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender-eu.scarabresearch.com/merchants/16361422FBEB0548/?pv=818830129&f=f%3AWEBPERSONALIZATION%2Cl%3A50%2Co%3A0%7Cf%3AWP_EH_CI%2Cl%3A50%2Co%3A0&cp=1&lang=de&eh=949c01bcba3824031&fields=item%7Cc_campaign_id%7Cc_campaign_priority%7Cc_campaign_rank%7Cc_content_v3&ta=%7B%22name%22%3A%22localtime%22%2C%22attributes%22%3A%7B%22localtime%22%3A1622279806472%7D%7D&ta=%7B%22name%22%3A%22userLoginInfo%22%2C%22attributes%22%3A%7B%22isUserLoggedIn%22%3Atrue%7D%7D&prev_url=https%3A%2F%2Flink.mail.tails.com%2F&url=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.63.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7ddc3bcf0ee91d2715b57dd1f1537840756df767eb18ca4fb7e0e8e6c416c071

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 09:16:46 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Vary: Accept-Encoding, User-Agent
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://tails.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 208
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 consenTag.js Show response
consentag.eu/public/3.0.1/ 6 KB
3 KB 44ms
7ms Script
text/javascript 34.107.173.171
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/public/3.0.1/consenTag.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 967ebd236caa82e3ba66c9b1343a40d85e43dc00b159a12995b6e1acf0a8fa67

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 08:18:51 GMT
content-encoding: gzip
age: 3476
x-guploader-uploadid: ABg5-UwbFNxf0isXTfxPR1rvxKonWqJcA-sUWLH5U4vPHovo4Ao02C4BEV6ZvSQpsU8IXQPlaNPWm5WDJf-N_E8eaA
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 2539
x-goog-meta-
last-modified: Mon, 09 Nov 2020 15:40:59 GMT
server: UploadServer
etag: "bc89e4656f5f6a0c817c68e59c8db3f8"
vary: Accept-Encoding
x-goog-hash: crc32c=41+Qcg==, md5=vInkZW9fagyBfGjlnI2z+A==
x-goog-generation: 1604936459712725
cache-control: public, max-age=3600
x-goog-stored-content-length: 2539
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 29 May 2021 09:18:51 GMT

GET
H2 200 popup_silent.html Show response
consentag.eu/public/3.0.1/ Frame F763 12 KB
4 KB 38ms
38ms Document
text/html 34.107.173.171
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/public/3.0.1/popup_silent.html
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8478c027e3ef713c28d00960958a38c5345981a413a0621bde7252a0d4ae1085

Request headers

:method: GET
:authority: consentag.eu
:scheme: https
:path: /public/3.0.1/popup_silent.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tails.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tails.com/

Response headers

x-guploader-uploadid: ABg5-Ux9_dnIqo7aNIr_tlSKjtJBISXObO7Y5FNQQINw-W5aKH6F7s6xQf98qKl6nniEvWITf364_hHeWXLVHIBWuvDN2XBT3g
date: Thu, 20 May 2021 15:00:48 GMT
cache-control
expires: Fri, 20 May 2022 15:00:48 GMT
last-modified: Tue, 04 Aug 2020 11:50:31 GMT
etag: "4ab28b36a78d727c029853fee0e7ecba"
x-goog-generation: 1596541831576611
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3940
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-type: text/html
content-encoding: gzip
content-disposition
content-language
x-goog-hash: crc32c=WarlyQ== md5=SrKLNqeNcnwCmFP+4Ofsug==
x-goog-storage-class: REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3940
server: UploadServer
age: 756959
alt-svc: clear

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ Frame F763 84 KB
27 KB 30ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1140059
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26909
cf-request-id: 0a59027a5900004d8955b1e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6d9ZlZXdk7LVuhM7Oty9FHX0hMAO1dy3Q6OTHUaoY3uJKjsd6S%2BI6ajtPUlVY85B38dOXEVg%2F9Km7EcJwh4v6TD1VOaPOFFJ770E6N8%2BQX63GruZrttM0J2aQ3iZufJgDL7cgfBpwXGMVDd4EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 656ea03d5f844d89-FRA
expires: Thu, 19 May 2022 09:16:47 GMT

GET
H2 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/ Frame F763 34 KB
9 KB 35ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/fingerprint2.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3977677
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9015
cf-request-id: 0a59027a5a00004d8968923000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5c-8648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nMK50kWlwLd3D8t3UxWg3OeIY%2B4CZ6wALRSEdPiIe9ff5utBKqr0OxrGiYAI6qyIPEGa%2Bwc9uSH46GE1Qlaq2EBW%2Bfjz11xW9bVoELu0tqR352g8lj43%2B7J6krYtqMX7mCsrMs65ImvQybge4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 656ea03d5f874d89-FRA
expires: Thu, 19 May 2022 09:16:47 GMT

GET
H2 200 mustache.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/ Frame F763 9 KB
3 KB 31ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/mustache.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5832928
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2513
cf-request-id: 0a59027a5900004d8929180000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f29-2538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uMkeeGc8gh%2Fy1XSTK4FWID%2B2ykeLMYCERa4dAoDO2GUVixqnvkUM5ru3EACygKnze%2Ft9R6LTVTSDz6CqPpwb7FM%2FLggqWmmyJsdhlHGEvF7lqcUSoIEQNQeSLRu%2FIGK8Q%2Fr%2Bbx17c2WumYOeuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 656ea03d5f884d89-FRA
expires: Thu, 19 May 2022 09:16:47 GMT

POST
H2 200 getuam Show response
consentag.eu/manager/consent/user/ Frame F763 2 KB
2 KB 16ms
16ms XHR
application/json 34.107.173.171
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/manager/consent/user/getuam
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: de4582bc521a73c97c3592e65b9dbbe278df80ddafaf8927ec934a800c75c4eb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://consentag.eu/public/3.0.1/popup_silent.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 29 May 2021 09:16:47 GMT
via: 1.1 google
etag: uk-1622279807-4767a1817e234a78b998ef841ef53096
server: Apache-Coyote/1.1
alt-svc: clear
content-length: 2257
content-type: application/json

GET
H2 200 5f05d3d0fca4a700010b1c55.js Show response
assets.reflow.tv/pixels/5f05d3c0fca4a700010b1c54/ 23 KB
7 KB 24ms
6ms Script
text/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.reflow.tv/pixels/5f05d3c0fca4a700010b1c54/5f05d3d0fca4a700010b1c55.js?caid=31859af84a7f49e690a4c945b84b700b&cst=true&gdpr_consent=&version=6
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: d548178d47147f9d6af9bb8ad4c0a81dd09f982fc3b9553884d9a3330175abcb

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 09:16:47 GMT
via: 1.1 google
server: keycdn-engine
x-edge-location: defr
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
expires: Mon, 28 Jun 2021 09:16:47 GMT

GET
H2 200 798622919a81afae48b27bdca0d10d5a.js Show response
cdn.ctnsnet.com/ase/fetch/scraper/65841260/ 23 KB
6 KB 31ms
6ms Script
application/json 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctnsnet.com/ase/fetch/scraper/65841260/798622919a81afae48b27bdca0d10d5a.js?caid=31859af84a7f49e690a4c945b84b700b&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 373fc3fef42a6603c7f7f2e56d2b9c44088b96f90a398544df29913f19637a15

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzVfhmLv/hABAA==
date: Sat, 29 May 2021 09:16:47 GMT
via: 1.1 google
server: CDN77-Turbo
x-77-nzt-ray: 2N+sCOEQxHk=
x-77-cache: HIT
content-type: application/json
x-cache: HIT
x-age: 69886
content-encoding: br
x-77-pop: frankfurtDE
expires: Mon, 31 May 2021 13:52:01 GMT

POST
H2 200 ad Show response
insight.reflow.tv/log/ 847 B
1 KB 47ms
16ms XHR
text/html 2600:1901:0:2bdd::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.reflow.tv/log/ad?ev=scrape&advid=5f05d3c0fca4a700010b1c54&ad=5f05d3d0fca4a700010b1c55&caid=31859af84a7f49e690a4c945b84b700b&cst=true&loc=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&ref=https%3A%2F%2Flink.mail.tails.com%2F&x=1622279808711
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:2bdd:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8c91d275f24d4831a89199400bbceb2c9f2e612242dccfd34dca3d97b7a26702

Request headers

Accept: text/html
Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 29 May 2021 09:16:48 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tails.com
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 847
x-reflow-time: 2

POST
H2 200 uas Show response
i.ctnsnet.com/int/ 0
317 B 44ms
16ms XHR
text/html 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/uas?pixel=65841260&cont=f&event=scrape&caid=31859af84a7f49e690a4c945b84b700b&cst=true&loc=https%3A%2F%2Ftails.com%2Fde%2Fsettings%2Fcommunication-preferences%3Foosl%3D.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3Demail_104863%26sc_lid%3D5992099%26sc_uid%3DKp0iNSDKFs%26sc_llid%3D1632%26sc_eh%3D949c01bcba3824031&ref=https%3A%2F%2Flink.mail.tails.com%2F&x=1622279808719
Requested by: Host: tails.com
URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: text/html
Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: https://tails.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ Frame 21B7 0
154 B 16ms
15ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=65425711&nid=304041&cont=s&eventType=pageView&pageType=other&countryCode=&advertiserUserId=&_ssluid=a3982a4f-4ccc-4567-afd4-75ced9e12477&_sslreqid=86191161-4c64-4ce4-a5f2-5e7e9347b506&loc=https%3a%2f%2ftails.com%2fde%2fsettings%2fcommunication-preferences%3foosl%3d.eJwVyVsKgCAQRuG9zLOBEQS5GZHplwQdxctDRHvP4Lx8nId4tJ4Tqg0nmWPXq55titzol23gHrKQIc4pDQnsfi-lwqNCGI0UBZm3RHTYLPEm411seD_HFiEI.E4lksw.i4fibW06JuCoelBFUn_zYLKcjDE%26sc_src%3demail_104863%26sc_lid%3d5992099%26sc_uid%3dKp0iNSDKFs%26sc_llid%3d1632%26sc_eh%3d949c01bcba3824031&ref=https%3a%2f%2flink.mail.tails.com%2f&caid=31859af84a7f49e690a4c945b84b700b&cst=true&gdpr_consent=
Requested by: Host: assets.reflow.tv
URL: https://assets.reflow.tv/pixels/5f05d3c0fca4a700010b1c54/5f05d3d0fca4a700010b1c55.js?caid=31859af84a7f49e690a4c945b84b700b&cst=true&gdpr_consent=&version=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 May 2021 09:16:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
content-type: text/javascript
alt-svc: clear
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 21B7 43 B
964 B 95ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10137890

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 09:16:48 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 29 May 2021 09:16:48 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tails.com/	1970-01-19 18:37:59	Name: _gat_UA-52363535-1 Value: 1
.tails.com/	1970-01-19 18:39:26	Name: _gid Value: GA1.2.695968506.1622279806
.tails.com/	1970-01-20 12:09:11	Name: _ga Value: GA1.2.1164903024.1622279806
tails.com/	1970-01-20 03:23:35	Name: discovery Value: 665bb72d-ef71-48bb-9b5d-1ced51323ab5
tails.com/	1970-01-20 03:23:35	Name: session Value: 3030e7adab4b966c_60b2067c.f6cNB-opwAJxZWnLBh4x2IRjn38
tails.com/	1970-01-20 03:23:35	Name: remember_token Value: 960100103\|a859cd017df1d55b66bdbfb1be87495708d6936a
.tails.com/	1970-01-19 22:57:11	Name: optimizelyEndUserId Value: oeu1622279805427r0.7800654228222703
tails.com/de/settings	1970-01-19 18:38:09	Name: pa-l Value: pa-l=sid%3Dwsadnkoc%26sst%3D1622279806%26sis%3D1%26rv%3D0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tails.com/1.0/js/main.c7f0b97826d606b34bcf.js(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
console-api	log	URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js(Line 43) Message: controller [warn]: Cannot find definition for "comms-prefs"
console-api	log	URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js(Line 43) Message: controller [warn]: Cannot find definition for "notifications"
console-api	log	URL: https://tails.com/discovery/js/vendor.37f6a03aca0a4b60e8aa.js(Line 43) Message: controller [warn]: Cannot find definition for "top-nav"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.reflow.tv
cdn.ctnsnet.com
cdn.iubenda.com
cdn.optimizely.com
cdn.scarabresearch.com
cdnjs.cloudflare.com
consentag.eu
errors.client.optimizely.com
googleads.g.doubleclick.net
hits-i.iubenda.com
i.ctnsnet.com
insight.reflow.tv
link.mail.tails.com
o13887.ingest.sentry.io
o8y.tails.com
recommender-eu.scarabresearch.com
recommender.scarabresearch.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s3-eu-west-1.amazonaws.com
services.postcodeanywhere.co.uk
sp.analytics.yahoo.com
static.scarabresearch.com
stats.g.doubleclick.net
tails.com
webchannel-content.eservice.emarsys.net
widget.trustpilot.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.iubenda.com
104.111.214.240
13.226.159.121
13.226.159.122
13.226.159.25
142.250.185.98
178.62.192.243
18.157.63.213
212.82.100.181
217.175.192.51
2600:1901:0:2bdd::
2606:4700:10::6814:15ef
2606:4700:10::6816:3083
2606:4700::6810:125e
2606:4700::6811:ab24
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:400c:c0c::9a
2a02:26f0:6c00:2a0::13b8
2a02:6ea0:c700::4
2a0b:4d07:102::1
34.107.173.171
34.117.233.127
34.117.30.199
34.120.195.249
34.254.140.182
35.186.193.173
52.218.25.27
52.29.111.22
52.45.34.218
0264d9ad44f32f05534a6ba89ef11366da56f7c1a3ecfb91e01df2daf1b0471b
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10c394bb383709abdef8ecd28b74369fcd3af71c672b1fc3bc6c93c8a6e5ccd6
15a3116c62d691fe4ebf0f26c7070eeeb76fcfd5c35e1b1734c2b3a767cf0b1c
1dff8401cfad8003b79df3d241b98af256a7a0c9e4316e4a03720013f46d398c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
373fc3fef42a6603c7f7f2e56d2b9c44088b96f90a398544df29913f19637a15
3c75b9bf203d89747c90df796c9cb689f3b8547d54688b5eb93d838b7a3bf8f3
45a388fe1a760fe946a2e876571854996913023a299244ec7e32edfbf4546010
497686ff9f639ad2f229371c721f48c11823bd1c81d76cbfbdecd1ad68279cdc
6aee104ee9726dbd3364a148683c1ef0d5f9204c21c41605b2e418d948e4fe01
6ebbfeb3598b6a9b356eb1518e07cc4719db079b20c5feaabf3a7c907d9c5c61
739545028ec84ff1a2a8489e27058ec23dec426439564ad31f2708f4c25a91ef
75125e19525c550e582dc4b888e8afa085db3479bfdab35c42955720cd751695
7682dde32db50ed8ff2f595e4c86d9a4c1767eb663a51ae59f31ed4974bdc585
7768acb9e3c519c18df75980e946776618591d8ab624775b56cbba28bef9dc9b
79da9921ec327d511385505cec2e6619f26fd6484349ead391e7129b7ba231a9
7ddc3bcf0ee91d2715b57dd1f1537840756df767eb18ca4fb7e0e8e6c416c071
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8478c027e3ef713c28d00960958a38c5345981a413a0621bde7252a0d4ae1085
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462
8a8924a2e08a71add2ccf0daa228dbd4f0a0ae6e3e8af9bdc104b12cdb04b46a
8c91d275f24d4831a89199400bbceb2c9f2e612242dccfd34dca3d97b7a26702
8ed3a91653237bec9b0b48f7fc1fce4bbc8e42b014d4f335d5d440085c8a1163
967ebd236caa82e3ba66c9b1343a40d85e43dc00b159a12995b6e1acf0a8fa67
96d62719a8762564c255f8c8783a446c61914b926f21a29eac5d10179b283945
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
af437660032ce851fd6f7e3096daf1508235f1595cf7cac97ca82f18370e0be6
af6bdc140128c37753b82406c406d12cbee582f5598aa148e777c54862b43848
b03ee0bc4df68cdf71de26d7e26770991f53c3178ea06ee97ca55cf4b9b0f614
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
c649b91d19952fac777c1928a0af893cbdb3bb5160b7ef48798997f4eca87933
ca23773dd4bf46922200e40b31cbedf7d237f19b320309f32e8e62f87086f420
d1b7090243fe861d17764cdce54e2896754778c9d479bdee6137067c5ec47b53
d548178d47147f9d6af9bb8ad4c0a81dd09f982fc3b9553884d9a3330175abcb
daa6a02031289fb7fb3bbdabe83aecb152b236c81342322302609a7e42ed35e4
dd0d7cee23a4d08e20b34618a04b6b5dbd9df489bb630c218e22ba2b319e41a7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4582bc521a73c97c3592e65b9dbbe278df80ddafaf8927ec934a800c75c4eb
e216c710dd23fd455f7cbd731344a413949b8b07a5af2eb70e092ab598e841de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f7a5af2a351f684a05994714f8e9c7fb24dbcf785b790531fb333d15ce2cdde8
faeb6f447decbc66c748b9f4a3ad69fa3a08a63a6b3e789dcd53c6aad32785a1

tails.com Open in urlscan Pro 2606:4700:10::6816:3083 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

44 %IPv6

21 Domains

33 Subdomains

32 IPs

8 Countries

1126 kBTransfer

4769 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tails.com Open in urlscan Pro
2606:4700:10::6816:3083 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

44 %
IPv6

21
Domains

33
Subdomains

32
IPs

8
Countries

1126 kB
Transfer

4769 kB
Size

8
Cookies

63 HTTP transactions
0 data transactions